| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-32386 | WordPress Envo Extra plugin <= 1.9.13 - Broken Access Control vulnerability | EnvoThemes | Envo Extra | 中危 | - | 2026-03-13 11:42:10 | Deep Dive |
| CVE-2025-66066 | WordPress Envo Extra plugin <= 1.9.11 - Cross Site Scripting (XSS) vulnerability | EnvoThemes | Envo Extra | Medium | 6.5 | 2025-11-21 12:29:56 | Deep Dive |
| CVE-2025-47471 | WordPress Envo Extra plugin <= 1.9.9 - Broken Access Control Vulnerability | EnvoThemes | Envo Extra | Medium | 4.3 | 2025-05-07 14:19:44 | Deep Dive |
| CVE-2025-22770 | WordPress Envo Multipurpose theme <= 1.1.6 - Broken Access Control vulnerability | EnvoThemes | Envo Multipurpose | Medium | 5.4 | 2025-03-27 14:11:01 | Deep Dive |
| CVE-2024-10770 | Envo Extra <= 1.9.3 - Authenticated (Contributor+) Post Disclosure | envothemes | Envo Extra | Medium | 4.3 | 2024-11-09 04:32:26 | Deep Dive |
| CVE-2024-50447 | WordPress Envo's Elementor Templates & Widgets for WooCommerce plugin <= 1.4.19 - Cross Site Scripting (XSS) vulnerability | EnvoThemes | Envo's Elementor Templates & Widgets for WooCommerce | Medium | 6.5 | 2024-10-28 17:57:27 | Deep Dive |
| CVE-2024-43292 | WordPress Envo's Elementor Templates & Widgets for WooCommerce plugin <= 1.4.16 - Cross Site Scripting (XSS) vulnerability | EnvoThemes | Envo's Elementor Templates & Widgets for WooCommerce | Medium | 5.9 | 2024-08-18 21:12:15 | Deep Dive |
| CVE-2024-5645 | Envo Extra <= 1.8.23 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Widget | envothemes | Envo Extra | Medium | 6.4 | 2024-06-07 09:33:37 | Deep Dive |
| CVE-2024-4385 | Envo Extra <= 1.8.16 - Authenticated (Contributor+) Cross-Site Scripting | envothemes | Envo Extra | Medium | 6.4 | 2024-05-16 11:05:28 | Deep Dive |
| CVE-2024-35167 | WordPress Envo's Elementor Templates & Widgets for WooCommerce plugin <=1.4.8 - Cross Site Scripting (XSS) vulnerability | EnvoThemes | Envo's Elementor Templates & Widgets for WooCommerce | Medium | 6.5 | 2024-05-13 10:02:54 | Deep Dive |
| CVE-2024-32456 | WordPress Envo Extra plugin <= 1.8.11 - Cross Site Scripting (XSS) vulnerability | EnvoThemes | Envo Extra | Medium | 6.5 | 2024-04-17 09:57:13 | Deep Dive |
| CVE-2024-0767 | Envo's Elementor Templates & Widgets for WooCommerce <= 1.4.4 - Cross-Site Request Forgery via ajax_plugin_activation | envothemes | Envo's Templates & Widgets for Elementor and WooCommerce | Medium | 4.3 | 2024-02-28 08:33:13 | Deep Dive |
| CVE-2024-0766 | Envo's Elementor Templates & Widgets for WooCommerce <= 1.4.4 - Missing Authorization via templates_ajax_request | envothemes | Envo's Templates & Widgets for Elementor and WooCommerce | Medium | 4.3 | 2024-02-28 08:33:11 | Deep Dive |
| CVE-2024-0768 | Envo's Elementor Templates & Widgets for WooCommerce <= 1.4.4 - Cross-Site Request Forgery via ajax_theme_activation | envothemes | Envo's Templates & Widgets for Elementor and WooCommerce | Medium | 4.3 | 2024-02-28 08:33:09 | Deep Dive |