Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

smub — Vulnerabilities & Security Advisories 75

Browse all 75 CVE security advisories affecting smub. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products smub:Easy Digital Downloads – eCommerce Payments and Subscriptions made easyCharitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & MoreAll in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase TrafficWPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & MoreSydney ToolboxExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin)Envira Gallery – Image Photo Gallery, Albums, Video Gallery, Slideshows & MorePhoto Gallery, Sliders, Proofing and Themes – NextGEN GalleryaThemes Addons for ElementorUserFeedback – Create Interactive Feedback Form, User Surveys, and Polls in SecondsGiveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social FollowersCustom Twitter Feeds – A Tweets Widget or X Feed WidgetFeeds for YouTube (YouTube video, channel, and gallery plugin)WP Mail LoggingReviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and MoreEasy WP SMTP – WordPress SMTP and Email Logs: Gmail, Office 365, Outlook, Custom SMTP, and moreContact Form & SMTP Plugin for WordPress by PirateFormsPopup Builder & Popup Maker for WordPress – OptinMonster Email Marketing and Lead GenerationWP Lightbox 2Duplicator – Backups & Migration Plugin – Cloud Backups, Scheduled Backups, & MoreWP Mail SMTP by WPForms – The Most Popular SMTP and Email Log PluginaThemes Starter SitesTransients ManagerSugar Calendar – Events Calendar, Event Tickets, and Events Management PlatformSmash Balloon Social Post Feed – Simple Social Feeds for WordPress
CVE IDTitleCVSSSeverityPaused
CVE-2024-2936 Sydney Toolbox <= 1.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via _id — Sydney ToolboxCWE-79 6.4 Medium2024-03-29
CVE-2024-1935 Giveaways and Contests by RafflePress <= 1.12.5 - Unauthenticated Stored Cross-Site Scripting — Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social FollowersCWE-79 7.2 High2024-03-13
CVE-2024-0903 User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds <= 1.0.13 - Unauthenticated Stored Cross-Site Scripting — UserFeedback – Create Interactive Feedback Form, User Surveys, and Polls in SecondsCWE-79 5.4 Medium2024-02-22
CVE-2024-0379 Custom Twitter Feeds – A Tweets Widget or X Feed Widget <= 2.2.1 - Cross-Site Request Forgery to Plugin Options Update — Custom Twitter Feeds – A Tweets Widget or X Feed WidgetCWE-352 4.3 Medium2024-02-20
CVE-2024-1447 Sydney Toolbox <= 1.25 - Authenticated (Contributor+) Stored Cross-Site Scripting — Sydney ToolboxCWE-79 6.4 Medium2024-02-20
CVE-2024-0659 Easy Digital Downloads <= 3.2.6 - Authenticated(Shop Manager+) Stored Cross-Site Scripting via variable pricing options — Easy Digital Downloads – eCommerce Payments and Subscriptions made easyCWE-79 5.5 Medium2024-02-05
CVE-2023-6742 Envira Gallery Lite <= 1.8.7.2 - Missing Authorization to Gallery Modification via envira_gallery_insert_images — Envira Gallery – Image Photo Gallery, Albums, Video Gallery, Slideshows & MoreCWE-862 4.3 Medium2024-01-11
CVE-2023-5049 Giveaways and Contests by RafflePress <= 1.12.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social FollowersCWE-79 6.4 Medium2023-10-30
CVE-2023-4841 Feeds for YouTube <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Feeds for YouTube (YouTube video, channel, and gallery plugin)CWE-79 6.4 Medium2023-09-14
CVE-2023-4404 Donation Forms by Charitable <= 1.7.0.12 - Unauthenticated Privilege Escalation — Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & MoreCWE-269 9.8 Critical2023-08-23
CVE-2023-3081 WP Mail Logging <= 1.11.1 - Unauthenticated Stored Cross-Site Scripting via Email — WP Mail LoggingCWE-79 7.2 High2023-07-12
CVE-2019-25145 Contact Form & SMTP Plugin by PirateForms <= 2.5.1 - Unauthenticated HTML injection — Contact Form & SMTP Plugin for WordPress by PirateFormsCWE-79 7.2 High2023-06-07
CVE-2019-25141 Easy WP SMTP <= 1.3.9 - Missing Authorization to Arbitrary Options Update — Easy WP SMTP – WordPress SMTP and Email Logs: Gmail, Office 365, Outlook, Custom SMTP, and moreCWE-862 9.8 Critical2023-06-07
CVE-2023-0586 All in One SEO Pack <= 4.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting — All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase TrafficCWE-79 6.4 Medium2023-02-24
CVE-2023-0585 All in One SEO Pack <= 4.2.9 - Authenticated (Administrator+) Stored Cross-Site Scripting — All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase TrafficCWE-79 4.4 Medium2023-02-24

This page lists every published CVE security advisory associated with smub. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.