| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-13006 | SurveyFunnel – Survey Plugin for WordPress <= 1.1.5 - Unauthenticated Information Exposure | wpeka-club | SurveyFunnel – Survey Plugin for WordPress | Medium | 5.3 | 2025-12-05 04:29:13 | Deep Dive |
| CVE-2025-12417 | SurveyFunnel – Survey Plugin for WordPress <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | wpeka-club | SurveyFunnel – Survey Plugin for WordPress | Medium | 6.4 | 2025-12-05 04:29:11 | Deep Dive |
| CVE-2025-62984 | WordPress WP AdCenter plugin <= 2.6.1 - Cross Site Scripting (XSS) vulnerability | WPeka | WP AdCenter | - | - | 2025-10-27 01:34:21 | Deep Dive |
| CVE-2025-53278 | WordPress WP AdCenter plugin <= 2.6.0 - Cross Site Scripting (XSS) Vulnerability | WPeka | WP AdCenter | Medium | 6.5 | 2025-06-27 13:21:19 | Deep Dive |
| CVE-2025-31860 | WordPress WP AdCenter plugin <= 2.5.8 - Cross Site Scripting (XSS) vulnerability | WPeka | WP AdCenter | Medium | 6.5 | 2025-04-01 14:52:05 | Deep Dive |
| CVE-2024-10113 | WP AdCenter – Ad Manager & Adsense Ads <= 2.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpadcenter_ad Shortcode | wpeka-club | WP AdCenter – Ad Manager & Adsense Ads | Medium | 6.4 | 2024-11-15 05:30:55 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-8317 | WP AdCenter – Ad Manager & Adsense Ads <= 2.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ad_alignment Attribute | wpeka-club | WP AdCenter – Ad Manager & Adsense Ads | Medium | 6.4 | 2024-09-06 06:50:53 | Deep Dive |
| CVE-2024-4869 | WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.2.0 - Unauthenticated Stored Cross-Site Scripting via Client-IP header | wplegalpages | Cookie Banner for GDPR / CCPA – WPLP Cookie Consent | High | 7.2 | 2024-06-25 23:35:08 | Deep Dive |
| CVE-2024-3599 | WP Cookie Consent ( for GDPR, CCPA & ePrivacy ) <= 3.0.2 - Missing Authorization to Unauthenticated Arbitrary Post Deletion | wplegalpages | Cookie Banner for GDPR / CCPA – WPLP Cookie Consent | Medium | 5.3 | 2024-05-02 16:52:03 | Deep Dive |
| CVE-2023-4968 | WPLegalPages <= 2.9.2 - Authenticated (Author+) Stored Cross-Site Scripting via Shortcode | wplegalpages | Privacy Policy Generator – WPLP Legal Pages | Medium | 5.5 | 2023-10-20 06:35:31 | Deep Dive |