Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

PixelGrade — Vulnerabilities & Security Advisories 18

Browse all 18 CVE security advisories affecting PixelGrade. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by PixelGrade:Category IconComments RatingsPixFieldsPixTypesNova BlocksCustomify – Intuitive Website StylingNova Blocks by PixelgradePixProofOpen Hours – Easy Opening HoursStyle Manager
CVE IDTitleCVSSSeverityPublished
CVE-2026-24528 WordPress Nova Blocks plugin <= 2.1.9 - Cross Site Scripting (XSS) vulnerability — Nova BlocksCWE-79 6.1 -2026-01-23
CVE-2025-68525 WordPress Category Icon plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability — Category IconCWE-79 5.9 Medium2025-12-24
CVE-2025-31039 WordPress Category Icon plugin <= 1.0.3 - XML External Entity (XXE) vulnerability — Category IconCWE-611 9.1 Critical2025-06-09
CVE-2025-39425 WordPress Style Manager plugin <= 2.2.7 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability — Style ManagerCWE-352 4.3 Medium2025-04-17
CVE-2025-31825 WordPress Category Icon plugin <= 1.0.1 - Arbitrary File Download vulnerability — Category IconCWE-22 4.9 Medium2025-04-03
CVE-2025-31819 WordPress Nova Blocks by Pixelgrade plugin <= 2.1.8 - Cross Site Scripting (XSS) vulnerability — Nova BlocksCWE-79 6.5 Medium2025-04-01
CVE-2024-12813 Open Hours – Easy Opening Hours <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting — Open Hours – Easy Opening HoursCWE-79 6.4 Medium2025-02-18
CVE-2024-54417 WordPress PixProof plugin <= 2.0.1 - Broken Access Control vulnerability — PixProofCWE-862 5.3 Medium2024-12-16
CVE-2024-8915 Category Icon <= 1.0.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload — Category IconCWE-79 6.4 Medium2024-10-12
CVE-2024-8241 Nova Blocks by Pixelgrade <= 2.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Attribute — Nova Blocks by PixelgradeCWE-79 6.4 Medium2024-09-10
CVE-2023-27633 WordPress Customify Plugin <= 2.10.4 is vulnerable to Cross Site Request Forgery (CSRF) — Customify – Intuitive Website StylingCWE-352 4.3 Medium2023-11-22
CVE-2023-23702 WordPress Comments Ratings Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS) — Comments RatingsCWE-79 4.8 -2023-11-06
CVE-2023-45655 WordPress PixFields Plugin <= 0.7.0 is vulnerable to Cross Site Request Forgery (CSRF) — PixFieldsCWE-352 4.3 Medium2023-10-16
CVE-2023-45654 WordPress Comments Ratings Plugin <= 1.1.7 is vulnerable to Cross Site Request Forgery (CSRF) — Comments RatingsCWE-352 4.3 Medium2023-10-16
CVE-2023-40205 WordPress PixTypes plugin <= 1.4.15 - Cross Site Scripting (XSS) vulnerability — PixTypesCWE-79 7.1 High2023-09-04
CVE-2023-23704 WordPress Comments Ratings Plugin <= 1.1.6 is vulnerable to Cross Site Request Forgery (CSRF) — Comments RatingsCWE-352 4.3 Medium2023-07-11
CVE-2023-25487 WordPress PixTypes Plugin <= 1.4.14 is vulnerable to Cross Site Request Forgery (CSRF) — PixTypesCWE-352 4.3 Medium2023-07-11
CVE-2022-46844 WordPress PixFields Plugin <= 0.7.0 is vulnerable to Cross Site Scripting (XSS) — PixFieldsCWE-79 6.5 Medium2023-05-09

This page lists every published CVE security advisory associated with PixelGrade. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.