漏洞标题 CVE-2025-5287: Likes and Dislikes Plugin <= 1.0.0 - Unauthenticated SQL Injection 漏洞描述 The Likes and Dislikes Plugin plugin for WordPress is vulnerable to SQL Injec...

漏洞标题 CVE-2024-27956: WordPress Automatic Plugin <= 3.92.0 - SQL Injection 漏洞描述 The Automatic plugin for WordPress is vulnerable to SQL Injection in versions up to, and i...

漏洞标题 CVE-2024-2473: WPS Hide Login <= 1.9.15.2 - Login Page Disclosure 漏洞描述 The WPS Hide Login plugin for WordPress is vulnerable to Login Page Disclosure in all version...

漏洞标题 CVE-2024-13624: WordPress WPMovieLibrary Plugin <= 2.1.4.8 - Cross-Site Scripting 漏洞描述 The WPMovieLibrary WordPress plugin through version 2.1.4.8 contains a reflec...

漏洞标题 CVE-2024-33575: User Meta WP Plugin < 3.1 - Sensitive Information Exposure 漏洞描述 The User Meta is vulnerable to Sensitive Information Exposure in all versions up to,...

漏洞标题 CVE-2024-6460: WordPress Grow by Tradedoubler Plugin < 2.0.22 - Unauthenticated Local File Inclusion 漏洞描述 The Grow by Tradedoubler WordPress plugin through version ...

漏洞标题 CVE-2024-27954: WordPress Automatic Plugin <3.92.1 - Arbitrary File Download and SSRF 漏洞描述 WordPress Automatic plugin <3.92.1 is vulnerable to unauthenticated Ar...

漏洞标题 CVE-2024-7313: Shield Security Plugin < 20.0.6 - Cross-Site Scripting 漏洞描述 The Shield Security WordPress plugin before 20.0.6 contains a reflected cross-site script...

漏洞标题 CVE-2024-11921: Give WP Plugin < 3.19.0 - Cross-Site Scripting 漏洞描述 The plugin does not sanitise and escape a parameter before outputting it back in the page, leadi...

漏洞标题 CVE-2024-6651: WordPress File Upload Plugin < 4.24.8 - Cross-Site Scripting 漏洞描述 The WordPress File Upload plugin before version 4.24.8 contains a reflected cross-s...

漏洞标题 CVE-2024-1512: MasterStudy LMS WordPress Plugin <= 3.2.5 - SQL Injection 漏洞描述 The MasterStudy LMS WordPress Plugin for Online Courses and Education plugin for WordP...

漏洞标题 CVE-2024-6289: WPS Hide Login < 1.9.16.4 - Hidden Login Page Disclosure 漏洞描述 The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the l...

漏洞标题 CVE-2024-43917: WordPress TI WooCommerce Wishlist Plugin <= 2.8.2 - SQL Injection 漏洞描述 In the latest version (2.8.2 as of writing the article) and below, the plugin...

漏洞标题 CVE-2024-8856: WP Time Capsule Plugin - Remote Code Execution 漏洞描述 The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploa...

漏洞标题 CVE-2024-13322: Ads Pro Plugin <= 4.88 - Unauthenticated SQL Injection 漏洞描述 The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is...

漏洞标题 CVE-2024-8353: GiveWP Donation Plugin <= 3.16.1 - Unauthenticated PHP Object Injection 漏洞描述 The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPr...