Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Syed Balkhi — Vulnerabilities & Security Advisories 35

Browse all 35 CVE security advisories affecting Syed Balkhi. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products Syed Balkhi:aThemes Addons for ElementorUser FeedbackContact Form by WPFormsAll In One SEO PackCharitableBeacon Lead Magnets and Lead CaptureGiveaways and Contests by RafflePressSugar Calendar (Lite)WP Lightbox 2WPFormsFeeds for YouTubeSmash Balloon Social Post FeedAffiliateWP – External Referral LinksCompact ArchivesFloating Social BarSimple Post ExpirationExactMetricsEasy Digital DownloadsCustom Twitter Feeds (Tweets Widget)Table of Contents Plus
CVE IDTitleCVSSSeverityPaused
CVE-2026-40764 WordPress Contact Form by WPForms plugin <= 1.10.0.2 - Cross Site Request Forgery (CSRF) vulnerability — Contact Form by WPFormsCWE-352 8.1 -2026-04-15
CVE-2026-39475 WordPress User Feedback plugin <= 1.10.1 - SQL Injection vulnerability — User FeedbackCWE-89 9.8AICriticalAI2026-04-08
CVE-2026-39476 WordPress User Feedback plugin <= 1.10.1 - Broken Access Control vulnerability — User FeedbackCWE-862 8.2AIHighAI2026-04-08
CVE-2026-25339 WordPress Contact Form by WPForms plugin <= 1.9.8.7 - Sensitive Data Exposure vulnerability — Contact Form by WPFormsCWE-201 7.5 -2026-03-25
CVE-2026-32446 WordPress Contact Form by WPForms plugin <= 1.9.9.3 - Broken Access Control vulnerability — Contact Form by WPFormsCWE-862 9.1 -2026-03-13
CVE-2026-24636 WordPress Sugar Calendar (Lite) plugin <= 3.9.1 - Broken Access Control vulnerability — Sugar Calendar (Lite)CWE-862 4.3 Medium2026-01-23
CVE-2020-36919 WPForms 1.7.8 - Cross-Site Scripting (XSS) — WPFormsCWE-79 6.1 Medium2026-01-13
CVE-2025-68496 WordPress User Feedback plugin <= 1.10.0 - SQL Injection vulnerability — User FeedbackCWE-89 7.6 High2025-12-24
CVE-2025-64295 WordPress All In One SEO Pack plugin <= 4.8.6.1 - Sensitive Data Exposure vulnerability — All In One SEO PackCWE-201 7.5AIHighAI2025-12-18
CVE-2025-67950 WordPress All In One SEO Pack plugin <= 4.9.1 - SQL Injection vulnerability — All In One SEO PackCWE-89 8.5 High2025-12-16
CVE-2025-64635 WordPress Feeds for YouTube plugin <= 2.4.0 - Broken Access Control vulnerability — Feeds for YouTubeCWE-862 5.3 Medium2025-12-16
CVE-2025-66064 WordPress Giveaways and Contests by RafflePress plugin <= 1.12.20 - Cross Site Request Forgery (CSRF) vulnerability — Giveaways and Contests by RafflePressCWE-352 4.3 Medium2025-11-21
CVE-2025-49937 WordPress Smash Balloon Social Post Feed plugin <= 4.3.2 - Broken Access Control vulnerability — Smash Balloon Social Post FeedCWE-862 4.3 Medium2025-10-22
CVE-2025-60112 WordPress aThemes Addons for Elementor Plugin <= 1.1.2 - Cross Site Scripting (XSS) Vulnerability — aThemes Addons for ElementorCWE-79 6.5 Medium2025-09-26
CVE-2025-53460 WordPress AffiliateWP – External Referral Links Plugin <= 1.2.0 - Cross Site Scripting (XSS) Vulnerability — AffiliateWP – External Referral LinksCWE-79 5.9 Medium2025-09-22
CVE-2025-58001 WordPress Compact Archives plugin <= 4.1.0 - Cross Site Scripting (XSS) vulnerability — Compact ArchivesCWE-79 6.5 Medium2025-09-22
CVE-2025-58649 WordPress All In One SEO Pack Plugin <= 4.8.7.1 - Sensitive Data Exposure Vulnerability — All In One SEO PackCWE-201 4.3 Medium2025-09-22
CVE-2025-58650 WordPress All In One SEO Pack Plugin <= 4.8.7.1 - Broken Access Control Vulnerability — All In One SEO PackCWE-862 5.4 Medium2025-09-22
CVE-2025-49997 WordPress Giveaways and Contests by RafflePress plugin <= 1.12.18 - Broken Access Control + CSRF Vulnerability — Giveaways and Contests by RafflePressCWE-862 5.3 Medium2025-06-20
CVE-2025-47596 WordPress Beacon Lead Magnets and Lead Capture plugin <= 1.5.8 - Cross Site Request Forgery (CSRF) vulnerability — Beacon Lead Magnets and Lead CaptureCWE-352 4.3 Medium2025-05-07
CVE-2025-47520 WordPress Charitable plugin <= 1.8.5.1 - Cross Site Scripting (XSS) Vulnerability — CharitableCWE-79 5.9 Medium2025-05-07
CVE-2025-46451 WordPress Floating Social Bar plugin <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability — Floating Social BarCWE-79 5.9 Medium2025-04-24
CVE-2025-24637 WordPress Beacon Lead Magnets and Lead Capture Plugin <= 1.5.7 - Reflected Cross Site Scripting (XSS) vulnerability — Beacon Lead Magnets and Lead CaptureCWE-79 7.1 High2025-04-17
CVE-2025-32158 WordPress aThemes Addons for Elementor plugin <= 1.1.3 - Local File Inclusion vulnerability — aThemes Addons for ElementorCWE-98 7.5 High2025-04-10
CVE-2025-31734 WordPress Simple Post Expiration plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability — Simple Post ExpirationCWE-79 6.5 Medium2025-04-01
CVE-2025-22646 WordPress aThemes Addons for Elementor plugin <= 1.0.8 - Stored Cross Site Scripting (XSS) vulnerability — aThemes Addons for ElementorCWE-79 6.5 Medium2025-03-27
CVE-2025-30770 WordPress Charitable plugin <= 1.8.4.7 - Cross Site Scripting (XSS) Vulnerability — CharitableCWE-79 6.5 Medium2025-03-27
CVE-2025-24750 WordPress ExactMetrics plugin <= 8.1.0 - Broken Access Control vulnerability — ExactMetricsCWE-862 5.4 Medium2025-01-24
CVE-2024-56276 WordPress WPForms Lite plugin <= 1.9.2.2 - Broken Access Control vulnerability — Contact Form by WPFormsCWE-862 4.3 Medium2025-01-07
CVE-2023-40005 WordPress Easy Digital Downloads plugin <= 3.1.5 - Broken Access Control — Easy Digital DownloadsCWE-862 9.1 -2024-12-13

This page lists every published CVE security advisory associated with Syed Balkhi. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.