| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-2426 | WP-DownloadManager <= 1.69 - Authenticated (Administrator+) Path Traversal to Arbitrary File Deletion via 'file' Parameter | gamerz | WP-DownloadManager | Medium | 6.5 | 2026-02-18 10:20:49 | Deep Dive |
| CVE-2026-2419 | WP-DownloadManager <= 1.69 - Authenticated (Administrator+) Path Traversal to Arbitrary File Read via 'download_path' Parameter | gamerz | WP-DownloadManager | Low | 2.7 | 2026-02-18 07:25:40 | Deep Dive |
| CVE-2025-10747 | WP-DownloadManager <= 1.68.11 - Authenticated (Admin+) Arbitrary File Upload | gamerz | WP-DownloadManager | High | 7.2 | 2025-09-26 05:27:21 | Deep Dive |
| CVE-2025-4799 | WP-DownloadManager <= 1.68.10 - Authenticated (Administrator+) Arbitrary File Deletion | gamerz | WP-DownloadManager | High | 7.2 | 2025-06-11 03:41:53 | Deep Dive |
| CVE-2025-4798 | WP-DownloadManager <= 1.68.10 - Authenticated (Administrator+) Arbitrary File Read | gamerz | WP-DownloadManager | Medium | 4.9 | 2025-06-11 03:41:53 | Deep Dive |
| CVE-2024-13426 | WP-Polls <= 2.77.2 - Unauthenticated SQL Injection to Stored Cross-Site Scripting | gamerz | WP-Polls | Medium | 5.4 | 2025-01-22 02:20:25 | Deep Dive |
| CVE-2024-39659 | WordPress WP-PostRatings plugin <= 1.91.1 - Cross Site Scripting (XSS) vulnerability | Lester ‘GaMerZ’ Chan | WP-PostRatings | Medium | 6.5 | 2024-08-01 21:45:11 | Deep Dive |
| CVE-2023-40332 | WordPress WP-PostRatings plugin <= 1.91 - Rating limit Bypass vulnerability | Lester ‘GaMerZ’ Chan | WP-PostRatings | Medium | 5.3 | 2024-06-04 07:18:30 | Deep Dive |
| CVE-2011-10006 | GamerZ WP-PostRatings wp-postratings.php cross site scripting | GamerZ | WP-PostRatings | Low | 3.5 | 2024-04-08 13:00:06 | Deep Dive |
| CVE-2023-22715 | WordPress WP-CommentNavi Plugin <= 1.12.1 is vulnerable to Cross Site Scripting (XSS) | Lester 'GaMerZ' Chan | WP-CommentNavi | Medium | 5.9 | 2023-03-23 12:31:35 | Deep Dive |
| CVE-2022-40130 | WordPress WP-Polls plugin <= 2.76.0 - Auth. Race Condition vulnerability | Lester 'GaMerZ' Chan | WP-Polls (WordPress plugin) | Medium | 4.3 | 2022-11-18 22:31:43 | Deep Dive |
| CVE-2022-36422 | WP-PostRatings plugin <= 1.89 - Rating increase/decrease via race condition | Lester 'GaMerZ' Chan | WP-PostRatings (WordPress plugin) | Medium | 4.3 | 2022-09-09 14:39:53 | Deep Dive |
| CVE-2022-2941 | WP-UserOnline <= 2.88.0 - Authenticated (Admin+) Stored Cross-Site Scripting | gamerz | WP-UserOnline | Medium | 5.5 | 2022-09-06 17:19:00 | Deep Dive |
| CVE-2022-2473 | WP-UserOnline <= 2.87.6 - Authenticated (Admin+) Stored Cross-Site Scripting | gamerz | WP-UserOnline | Medium | 5.5 | 2022-09-06 17:18:58 | Deep Dive |
| CVE-2022-25606 | WordPress WP-DownloadManager plugin <= 1.68.5 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities | Lester 'GaMerZ' Chan | WP-DownloadManager (WordPress) | Medium | 4.8 | 2022-03-25 18:02:33 | Deep Dive |
| CVE-2022-25605 | WordPress WP-DownloadManager plugin <= 1.68.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities | Lester 'GaMerZ' Chan | WP-DownloadManager (WordPress) | Medium | 4.8 | 2022-03-18 18:00:27 | Deep Dive |
| CVE-2021-44760 | WordPress WP-DownloadManager plugin <= 1.68.6 - Auth. Reflected Cross-Site Scripting (XSS) vulnerability | Lester 'GaMerZ' Chan | WP-DownloadManager (WordPress plugin) | Medium | 4.8 | 2022-03-18 18:00:24 | Deep Dive |