| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-4075 | BWL Advanced FAQ Manager Lite <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'sbox_id' Shortcode Attribute | xenioushk | BWL Advanced FAQ Manager Lite | Medium | 6.4 | 2026-03-26 02:25:21 | Deep Dive |
| CVE-2025-68990 | WordPress BWL Pro Voting Manager plugin <= 1.4.9 - SQL Injection vulnerability | xenioushk | BWL Pro Voting Manager | High | 8.5 | 2025-12-30 10:47:51 | Deep Dive |
| CVE-2025-68991 | WordPress BWL Pro Voting Manager plugin <= 1.4.9 - Cross Site Scripting (XSS) vulnerability | xenioushk | BWL Pro Voting Manager | Medium | 6.5 | 2025-12-30 10:47:51 | Deep Dive |
| CVE-2025-68992 | WordPress BWL Knowledge Base Manager plugin <= 1.6.3 - Cross Site Scripting (XSS) vulnerability | xenioushk | BWL Knowledge Base Manager | 中危 | - | 2025-12-30 10:47:51 | Deep Dive |
| CVE-2024-13801 | BWL Advanced FAQ Manager <= 2.1.4 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options Update | xenioushk | BWL Advanced FAQ Manager | High | 8.1 | 2025-03-26 08:21:52 | Deep Dive |
| CVE-2024-32136 | WordPress BWL Advanced FAQ Manager plugin <= 2.0.3 - Auth. SQL Injection vulnerability | Xenioushk | BWL Advanced FAQ Manager | High | 7.6 | 2024-04-15 07:29:57 | Deep Dive |