Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Fahad Mahmood — Vulnerabilities & Security Advisories 25

Browse all 25 CVE security advisories affecting Fahad Mahmood. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Fahad Mahmood:WP DocsRSS Feed WidgetWP DatepickerKeep Backup DailyEndless Posts NavigationChameleon (WordPress plugin)WP Sort OrderInjection GuardGulri SliderWP Quick ShopAlphabetic PaginationOrder Splitter for WooCommerceExternal Store for ShopifyStock Locations for WooCommerceEasy Upload Files During Checkout
CVE IDTitleCVSSSeverityPublished
CVE-2026-25332 WordPress Endless Posts Navigation plugin <= 2.2.9 - Broken Access Control vulnerability — Endless Posts NavigationCWE-862 7.1AIHighAI2026-02-19
CVE-2026-24990 WordPress WP Docs plugin <= 2.2.8 - Broken Access Control vulnerability — WP DocsCWE-862 8.2AIHighAI2026-02-03
CVE-2025-69349 WordPress RSS Feed Widget plugin <= 3.0.2 - Broken Access Control vulnerability — RSS Feed WidgetCWE-862 5.4 Medium2026-01-06
CVE-2025-62078 WordPress Easy Upload Files During Checkout plugin <= 3.0.0 - Broken Access Control vulnerability — Easy Upload Files During CheckoutCWE-862 4.3 Medium2025-12-31
CVE-2025-47463 WordPress Stock Locations for WooCommerce plugin <= 2.8.6 - Broken Access Control Vulnerability — Stock Locations for WooCommerceCWE-862 7.1 High2025-06-09
CVE-2025-30999 WordPress External Store for Shopify plugin <= 1.5.9 - Local File Inclusion vulnerability — External Store for ShopifyCWE-98 7.5 High2025-06-06
CVE-2025-31089 WordPress Order Splitter for WooCommerce plugin <= 5.3.0 - SQL Injection Vulnerability — Order Splitter for WooCommerceCWE-89 8.5 High2025-04-01
CVE-2025-31417 WordPress WP Docs plugin < 2.2.7 - Broken Access Control vulnerability — WP DocsCWE-862 4.3 Medium2025-03-31
CVE-2025-26751 WordPress Alphabetic Pagination Plugin <= 3.2.1 - Reflected Cross Site Scripting (XSS) vulnerability — Alphabetic PaginationCWE-79 7.1 High2025-02-25
CVE-2025-26779 WordPress Keep Backup Daily plugin <= 2.1.0 - Arbitrary File Download vulnerability — Keep Backup DailyCWE-22 4.9 Medium2025-02-16
CVE-2024-56288 WordPress WP Docs plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability — WP DocsCWE-79 5.9 Medium2025-01-07
CVE-2024-56223 WordPress Gulri Slider plugin <= 3.5.8 - Reflected Cross Site Scripting (XSS) vulnerability — Gulri SliderCWE-79 7.1 High2024-12-31
CVE-2024-54344 WordPress WP Quick Shop plugin <= 1.3.1 - Reflected Cross Site Scripting (XSS) vulnerability — WP Quick ShopCWE-79 7.1 High2024-12-13
CVE-2023-32574 WordPress Injection Guard plugin <= 1.2.1 - Broken Access Control vulnerability — Injection GuardCWE-862 4.3 Medium2024-12-13
CVE-2023-30873 WordPress WP Docs plugin <= 1.9.8 - Broken Access Control — WP DocsCWE-862 5.4 Medium2024-12-09
CVE-2024-47321 WordPress WP Datepicker plugin <= 2.1.1 - Broken Access Control vulnerability — WP DatepickerCWE-862 6.5 Medium2024-11-01
CVE-2024-49629 WordPress Endless Posts Navigation plugin <= 2.2.7 - CSRF to Stored XSS vulnerability — Endless Posts NavigationCWE-352 7.1 High2024-10-20
CVE-2024-48024 WordPress Keep Backup Daily plugin <= 2.1.3 - Sensitive Data Exposure vulnerability — Keep Backup DailyCWE-497 7.5 High2024-10-17
CVE-2024-44042 WordPress WP Datepicker plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability — WP DatepickerCWE-79 5.9 Medium2024-10-06
CVE-2024-31294 WordPress WP Sort Order plugin <= 1.3.1 - Broken Access Control vulnerability — WP Sort OrderCWE-862 4.3 Medium2024-06-09
CVE-2024-35695 WordPress WP Docs plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability — WP DocsCWE-79 6.5 Medium2024-06-08
CVE-2024-35696 WordPress WP Docs plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability — WP DocsCWE-79 7.1 High2024-06-08
CVE-2024-32690 WordPress RSS Feed Widget plugin <= 2.9.7 - Cross Site Scripting (XSS) vulnerability — RSS Feed WidgetCWE-79 5.9 Medium2024-04-22
CVE-2023-32106 WordPress WP Docs Plugin <= 1.9.9 is vulnerable to Cross Site Scripting (XSS) — WP DocsCWE-79 7.1 High2023-08-18
CVE-2022-44736 WordPress Chameleon plugin <= 1.4.3 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — Chameleon (WordPress plugin)CWE-79 4.8 Medium2022-11-17

This page lists every published CVE security advisory associated with Fahad Mahmood. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.