diff --git a/internal/data/assets/plugin_61646d696e6973747261746f722d7a811c9dc5_gen.json b/internal/data/assets/plugin_61646d696e6973747261746f722d7a811c9dc5_gen.json index 06d86769..63557601 100644 --- a/internal/data/assets/plugin_61646d696e6973747261746f722d7a811c9dc5_gen.json +++ b/internal/data/assets/plugin_61646d696e6973747261746f722d7a811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/204107bc-721c-46a9-a8c3-102240f66fc2/administrator-z","title":"Administrator Z <= 2025.03.04 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"204107bc-721c-46a9-a8c3-102240f66fc2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/204107bc-721c-46a9-a8c3-102240f66fc2?source=api-prod","cve":"CVE-2025-32276","affectedVersions":"<=2025.03.04","severity":"medium"},{"advisoryId":"WPSECADV/WF/2061a442-eccd-4a57-a5c5-a432fcea8394/administrator-z","title":"Administrator Z <= 2022.9.28 - Unauthorized File Upload via ACF\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"2061a442-eccd-4a57-a5c5-a432fcea8394"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2061a442-eccd-4a57-a5c5-a432fcea8394?source=api-prod","affectedVersions":"<=2022.9.28","severity":"medium"},{"advisoryId":"WPSECADV/WF/32725074-5c62-49e0-83f9-c6cb77fb77a4/administrator-z","title":"Administrator Z <= 2025.03.24 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"32725074-5c62-49e0-83f9-c6cb77fb77a4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/32725074-5c62-49e0-83f9-c6cb77fb77a4?source=api-prod","cve":"CVE-2025-2815","affectedVersions":"<=2025.03.24","severity":"high"},{"advisoryId":"WPSECADV/WF/3bea473d-f97b-4646-9221-deb63e0efe98/administrator-z","title":"Administrator Z <= 2024.10.14 - Authenticated (Subscriber+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"3bea473d-f97b-4646-9221-deb63e0efe98"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3bea473d-f97b-4646-9221-deb63e0efe98?source=api-prod","cve":"CVE-2024-50524","affectedVersions":"<=2024.10.14","severity":"medium"},{"advisoryId":"WPSECADV/WF/a1ee5b10-1694-4991-b3fb-4b3b365fbca6/administrator-z","title":"Administrator Z <= 2025.03.28 - Authenticated (Admin+) Directory Traversal\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"a1ee5b10-1694-4991-b3fb-4b3b365fbca6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a1ee5b10-1694-4991-b3fb-4b3b365fbca6?source=api-prod","cve":"CVE-2025-39598","affectedVersions":"<=2025.03.28","severity":"low"},{"advisoryId":"WPSECADV/WF/c7ffd34b-c1b5-4031-937d-c509f9979116/administrator-z","title":"Administrator Z <= 2025.09.27 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"c7ffd34b-c1b5-4031-937d-c509f9979116"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c7ffd34b-c1b5-4031-937d-c509f9979116?source=api-prod","cve":"CVE-2025-32187","affectedVersions":"<=2025.09.27","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/204107bc-721c-46a9-a8c3-102240f66fc2/administrator-z","title":"Administrator Z < 2026.05.10 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"204107bc-721c-46a9-a8c3-102240f66fc2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/204107bc-721c-46a9-a8c3-102240f66fc2?source=api-prod","cve":"CVE-2025-32276","affectedVersions":"<2026.05.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/2061a442-eccd-4a57-a5c5-a432fcea8394/administrator-z","title":"Administrator Z <= 2022.9.28 - Unauthorized File Upload via ACF\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"2061a442-eccd-4a57-a5c5-a432fcea8394"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2061a442-eccd-4a57-a5c5-a432fcea8394?source=api-prod","affectedVersions":"<=2022.9.28","severity":"medium"},{"advisoryId":"WPSECADV/WF/32725074-5c62-49e0-83f9-c6cb77fb77a4/administrator-z","title":"Administrator Z <= 2025.03.24 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"32725074-5c62-49e0-83f9-c6cb77fb77a4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/32725074-5c62-49e0-83f9-c6cb77fb77a4?source=api-prod","cve":"CVE-2025-2815","affectedVersions":"<=2025.03.24","severity":"high"},{"advisoryId":"WPSECADV/WF/3bea473d-f97b-4646-9221-deb63e0efe98/administrator-z","title":"Administrator Z <= 2024.10.14 - Authenticated (Subscriber+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"3bea473d-f97b-4646-9221-deb63e0efe98"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3bea473d-f97b-4646-9221-deb63e0efe98?source=api-prod","cve":"CVE-2024-50524","affectedVersions":"<=2024.10.14","severity":"medium"},{"advisoryId":"WPSECADV/WF/a1ee5b10-1694-4991-b3fb-4b3b365fbca6/administrator-z","title":"Administrator Z <= 2025.03.28 - Authenticated (Admin+) Directory Traversal\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"a1ee5b10-1694-4991-b3fb-4b3b365fbca6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a1ee5b10-1694-4991-b3fb-4b3b365fbca6?source=api-prod","cve":"CVE-2025-39598","affectedVersions":"<=2025.03.28","severity":"low"},{"advisoryId":"WPSECADV/WF/c7ffd34b-c1b5-4031-937d-c509f9979116/administrator-z","title":"Administrator Z <= 2025.09.27 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"c7ffd34b-c1b5-4031-937d-c509f9979116"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c7ffd34b-c1b5-4031-937d-c509f9979116?source=api-prod","cve":"CVE-2025-32187","affectedVersions":"<=2025.09.27","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_616476616e6365642d637573746f6d2d6669656c64732d70726f811c9dc5_gen.json b/internal/data/assets/plugin_616476616e6365642d637573746f6d2d6669656c64732d70726f811c9dc5_gen.json index 96e5162b..92111fa7 100644 --- a/internal/data/assets/plugin_616476616e6365642d637573746f6d2d6669656c64732d70726f811c9dc5_gen.json +++ b/internal/data/assets/plugin_616476616e6365642d637573746f6d2d6669656c64732d70726f811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/16f40b76-8f69-46de-a3e0-b7124dc74c00/advanced-custom-fields-pro","title":"Advanced Custom Fields Pro <= 6.3.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"16f40b76-8f69-46de-a3e0-b7124dc74c00"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/16f40b76-8f69-46de-a3e0-b7124dc74c00?source=api-prod","cve":"CVE-2024-37250","affectedVersions":"<=6.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/195cc773-b3ea-4619-af2d-b106a9d23a6a/advanced-custom-fields-pro","title":"Advanced Custom Fields Pro <= 6.3.1 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"195cc773-b3ea-4619-af2d-b106a9d23a6a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/195cc773-b3ea-4619-af2d-b106a9d23a6a?source=api-prod","cve":"CVE-2024-37251","affectedVersions":"<=6.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/2923afdd-36b7-4181-aade-d757a70a06c0/advanced-custom-fields-pro","title":"Advanced Custom Fields Pro <= 6.2.9 - Authenticated (Contributor+) Code Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"2923afdd-36b7-4181-aade-d757a70a06c0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2923afdd-36b7-4181-aade-d757a70a06c0?source=api-prod","cve":"CVE-2024-34761","affectedVersions":"<=6.2.9","severity":"critical"},{"advisoryId":"WPSECADV/WF/297c7411-5065-458c-8cad-4f6243610b8a/advanced-custom-fields-pro","title":"Advanced Custom Fields Pro <= 6.2.9 - Authenticated (Contributor+) Local File Inclusion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"297c7411-5065-458c-8cad-4f6243610b8a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/297c7411-5065-458c-8cad-4f6243610b8a?source=api-prod","cve":"CVE-2024-34762","affectedVersions":"<=6.2.9","severity":"high"},{"advisoryId":"WPSECADV/WF/51178e18-ae8b-4a7f-974d-23346a8dbc52/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 6.3.5 - Authenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"51178e18-ae8b-4a7f-974d-23346a8dbc52"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/51178e18-ae8b-4a7f-974d-23346a8dbc52?source=api-prod","cve":"CVE-2024-45429","affectedVersions":"<=6.3.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/76cd5762-1ad4-4b76-8161-5a4ce4fc8118/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 5.12 - Authenticated Information Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-03-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"76cd5762-1ad4-4b76-8161-5a4ce4fc8118"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/76cd5762-1ad4-4b76-8161-5a4ce4fc8118?source=api-prod","cve":"CVE-2022-23183","affectedVersions":"<5.12.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/77876d74-5825-4bd8-812e-87061d0470e6/advanced-custom-fields-pro","title":"Advanced Custom Fields PRO 6.1 - 6.1.7 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-08-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"77876d74-5825-4bd8-812e-87061d0470e6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/77876d74-5825-4bd8-812e-87061d0470e6?source=api-prod","affectedVersions":">=6.1,<=6.1.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/878246f7-17c5-4ea0-a450-27244ace2717/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 5.10 - Missing Authorization on Option Changes\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-12-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"878246f7-17c5-4ea0-a450-27244ace2717"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/878246f7-17c5-4ea0-a450-27244ace2717?source=api-prod","cve":"CVE-2021-20867","affectedVersions":"<5.11","severity":"medium"},{"advisoryId":"WPSECADV/WF/a09771da-a423-42ba-8f59-5c3bd189d9d3/advanced-custom-fields-pro","title":"Advanced Custom Fields Pro <= 5.9.0 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-01-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"a09771da-a423-42ba-8f59-5c3bd189d9d3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a09771da-a423-42ba-8f59-5c3bd189d9d3?source=api-prod","cve":"CVE-2021-24241","affectedVersions":"<5.9.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/afcbad6d-90ca-42cb-a69c-4e0bcc4606e0/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 6.3.8 - Authenticated (Admin+) Limited Arbitrary Function Call\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"afcbad6d-90ca-42cb-a69c-4e0bcc4606e0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/afcbad6d-90ca-42cb-a69c-4e0bcc4606e0?source=api-prod","cve":"CVE-2024-9529","affectedVersions":"<=6.3.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/b3552de0-3e0b-4529-a757-a31c69a06122/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 6.3.8 & Secure Custom Fields <= 6.3.6.2 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"b3552de0-3e0b-4529-a757-a31c69a06122"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b3552de0-3e0b-4529-a757-a31c69a06122?source=api-prod","cve":"CVE-2024-49593","affectedVersions":"<=6.3.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/b93e9e84-1675-4128-a018-03833ff75943/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 6.2.10 - Authenticated (Contributor+) Arbitrary Custom Field Access\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"b93e9e84-1675-4128-a018-03833ff75943"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b93e9e84-1675-4128-a018-03833ff75943?source=api-prod","cve":"CVE-2024-4565","affectedVersions":"<=6.2.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/c51889e4-9ca2-4c3f-addb-8285579324f6/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 5.10 - Missing Authorization to Information Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-12-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"c51889e4-9ca2-4c3f-addb-8285579324f6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c51889e4-9ca2-4c3f-addb-8285579324f6?source=api-prod","cve":"CVE-2021-20865","affectedVersions":"<5.11","severity":"high"},{"advisoryId":"WPSECADV/WF/d8c1823c-72be-4342-b4e9-0dc18afbb4a8/advanced-custom-fields-pro","title":"Advanced Custom Fields Pro <= 6.3.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"d8c1823c-72be-4342-b4e9-0dc18afbb4a8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d8c1823c-72be-4342-b4e9-0dc18afbb4a8?source=api-prod","cve":"CVE-2024-37250","affectedVersions":"<=6.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/e3593dfd-7b2a-4d01-8af0-725b444dc81b/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 6.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Field\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"e3593dfd-7b2a-4d01-8af0-725b444dc81b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e3593dfd-7b2a-4d01-8af0-725b444dc81b?source=api-prod","cve":"CVE-2023-6701","affectedVersions":"<=6.2.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/e7ae8dcd-00b6-4afc-85bb-6697820bb37c/advanced-custom-fields-pro","title":"Advanced Custom Fields (Free and Pro) 5.8.10 to 5.12.5 & 6.0.0 to 6.1.5 - Reflected Cross-Site Scripting via 'post_status'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-05-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"e7ae8dcd-00b6-4afc-85bb-6697820bb37c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e7ae8dcd-00b6-4afc-85bb-6697820bb37c?source=api-prod","cve":"CVE-2023-30777","affectedVersions":">=5.8.10,<=5.12.5|>=6.0.0,<=6.1.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/f1eb0852-00ef-489a-aa39-7d8603249deb/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 5.10 - Missing Authorization to Information Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-12-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"f1eb0852-00ef-489a-aa39-7d8603249deb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f1eb0852-00ef-489a-aa39-7d8603249deb?source=api-prod","cve":"CVE-2021-20866","affectedVersions":"<5.11","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/16f40b76-8f69-46de-a3e0-b7124dc74c00/advanced-custom-fields-pro","title":"Advanced Custom Fields Pro <= 6.3.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"16f40b76-8f69-46de-a3e0-b7124dc74c00"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/16f40b76-8f69-46de-a3e0-b7124dc74c00?source=api-prod","cve":"CVE-2024-37250","affectedVersions":"<=6.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/195cc773-b3ea-4619-af2d-b106a9d23a6a/advanced-custom-fields-pro","title":"Advanced Custom Fields Pro <= 6.3.1 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"195cc773-b3ea-4619-af2d-b106a9d23a6a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/195cc773-b3ea-4619-af2d-b106a9d23a6a?source=api-prod","cve":"CVE-2024-37251","affectedVersions":"<=6.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/2923afdd-36b7-4181-aade-d757a70a06c0/advanced-custom-fields-pro","title":"Advanced Custom Fields Pro <= 6.2.9 - Authenticated (Contributor+) Code Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"2923afdd-36b7-4181-aade-d757a70a06c0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2923afdd-36b7-4181-aade-d757a70a06c0?source=api-prod","cve":"CVE-2024-34761","affectedVersions":"<=6.2.9","severity":"critical"},{"advisoryId":"WPSECADV/WF/297c7411-5065-458c-8cad-4f6243610b8a/advanced-custom-fields-pro","title":"Advanced Custom Fields Pro <= 6.2.9 - Authenticated (Contributor+) Local File Inclusion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"297c7411-5065-458c-8cad-4f6243610b8a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/297c7411-5065-458c-8cad-4f6243610b8a?source=api-prod","cve":"CVE-2024-34762","affectedVersions":"<=6.2.9","severity":"high"},{"advisoryId":"WPSECADV/WF/51178e18-ae8b-4a7f-974d-23346a8dbc52/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 6.3.5 - Authenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"51178e18-ae8b-4a7f-974d-23346a8dbc52"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/51178e18-ae8b-4a7f-974d-23346a8dbc52?source=api-prod","cve":"CVE-2024-45429","affectedVersions":"<=6.3.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/536a7b48-abb4-47b8-8665-e06363e2e867/advanced-custom-fields-pro","title":"Advanced Custom Fields PRO < 6.3.2 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"536a7b48-abb4-47b8-8665-e06363e2e867"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/536a7b48-abb4-47b8-8665-e06363e2e867?source=api-prod","cve":"CVE-2024-37249","affectedVersions":"<6.3.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/76cd5762-1ad4-4b76-8161-5a4ce4fc8118/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 5.12 - Authenticated Information Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-03-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"76cd5762-1ad4-4b76-8161-5a4ce4fc8118"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/76cd5762-1ad4-4b76-8161-5a4ce4fc8118?source=api-prod","cve":"CVE-2022-23183","affectedVersions":"<5.12.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/77876d74-5825-4bd8-812e-87061d0470e6/advanced-custom-fields-pro","title":"Advanced Custom Fields PRO 6.1 - 6.1.7 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-08-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"77876d74-5825-4bd8-812e-87061d0470e6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/77876d74-5825-4bd8-812e-87061d0470e6?source=api-prod","affectedVersions":">=6.1,<=6.1.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/878246f7-17c5-4ea0-a450-27244ace2717/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 5.10 - Missing Authorization on Option Changes\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-12-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"878246f7-17c5-4ea0-a450-27244ace2717"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/878246f7-17c5-4ea0-a450-27244ace2717?source=api-prod","cve":"CVE-2021-20867","affectedVersions":"<5.11","severity":"medium"},{"advisoryId":"WPSECADV/WF/a09771da-a423-42ba-8f59-5c3bd189d9d3/advanced-custom-fields-pro","title":"Advanced Custom Fields Pro <= 5.9.0 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-01-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"a09771da-a423-42ba-8f59-5c3bd189d9d3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a09771da-a423-42ba-8f59-5c3bd189d9d3?source=api-prod","cve":"CVE-2021-24241","affectedVersions":"<5.9.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/afcbad6d-90ca-42cb-a69c-4e0bcc4606e0/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 6.3.8 - Authenticated (Admin+) Limited Arbitrary Function Call\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"afcbad6d-90ca-42cb-a69c-4e0bcc4606e0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/afcbad6d-90ca-42cb-a69c-4e0bcc4606e0?source=api-prod","cve":"CVE-2024-9529","affectedVersions":"<=6.3.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/b3552de0-3e0b-4529-a757-a31c69a06122/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 6.3.8 & Secure Custom Fields <= 6.3.6.2 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"b3552de0-3e0b-4529-a757-a31c69a06122"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b3552de0-3e0b-4529-a757-a31c69a06122?source=api-prod","cve":"CVE-2024-49593","affectedVersions":"<=6.3.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/b93e9e84-1675-4128-a018-03833ff75943/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 6.2.10 - Authenticated (Contributor+) Arbitrary Custom Field Access\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"b93e9e84-1675-4128-a018-03833ff75943"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b93e9e84-1675-4128-a018-03833ff75943?source=api-prod","cve":"CVE-2024-4565","affectedVersions":"<=6.2.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/c51889e4-9ca2-4c3f-addb-8285579324f6/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 5.10 - Missing Authorization to Information Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-12-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"c51889e4-9ca2-4c3f-addb-8285579324f6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c51889e4-9ca2-4c3f-addb-8285579324f6?source=api-prod","cve":"CVE-2021-20865","affectedVersions":"<5.11","severity":"high"},{"advisoryId":"WPSECADV/WF/d8c1823c-72be-4342-b4e9-0dc18afbb4a8/advanced-custom-fields-pro","title":"Advanced Custom Fields Pro <= 6.3.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"d8c1823c-72be-4342-b4e9-0dc18afbb4a8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d8c1823c-72be-4342-b4e9-0dc18afbb4a8?source=api-prod","cve":"CVE-2024-37250","affectedVersions":"<=6.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/e3593dfd-7b2a-4d01-8af0-725b444dc81b/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 6.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Field\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"e3593dfd-7b2a-4d01-8af0-725b444dc81b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e3593dfd-7b2a-4d01-8af0-725b444dc81b?source=api-prod","cve":"CVE-2023-6701","affectedVersions":"<=6.2.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/e7ae8dcd-00b6-4afc-85bb-6697820bb37c/advanced-custom-fields-pro","title":"Advanced Custom Fields (Free and Pro) 5.8.10 to 5.12.5 & 6.0.0 to 6.1.5 - Reflected Cross-Site Scripting via 'post_status'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-05-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"e7ae8dcd-00b6-4afc-85bb-6697820bb37c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e7ae8dcd-00b6-4afc-85bb-6697820bb37c?source=api-prod","cve":"CVE-2023-30777","affectedVersions":">=5.8.10,<=5.12.5|>=6.0.0,<=6.1.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/f1eb0852-00ef-489a-aa39-7d8603249deb/advanced-custom-fields-pro","title":"Advanced Custom Fields <= 5.10 - Missing Authorization to Information Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-12-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"f1eb0852-00ef-489a-aa39-7d8603249deb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f1eb0852-00ef-489a-aa39-7d8603249deb?source=api-prod","cve":"CVE-2021-20866","affectedVersions":"<5.11","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_617a6f6e706f7374811c9dc5_gen.json b/internal/data/assets/plugin_617a6f6e706f7374811c9dc5_gen.json index cb2f186b..332b150a 100644 --- a/internal/data/assets/plugin_617a6f6e706f7374811c9dc5_gen.json +++ b/internal/data/assets/plugin_617a6f6e706f7374811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/4b32cfa8-6e10-4f09-859e-216c94a6560c/azonpost","title":"AzonPost <= 1.3 - [Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')]\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-11 19:06:23","sources":[{"name":"Wordfence","remoteId":"4b32cfa8-6e10-4f09-859e-216c94a6560c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4b32cfa8-6e10-4f09-859e-216c94a6560c?source=api-prod","cve":"CVE-2026-7437","affectedVersions":"<=1.3","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/4b32cfa8-6e10-4f09-859e-216c94a6560c/azonpost","title":"AzonPost <= 1.3 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-11 19:06:23","sources":[{"name":"Wordfence","remoteId":"4b32cfa8-6e10-4f09-859e-216c94a6560c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4b32cfa8-6e10-4f09-859e-216c94a6560c?source=api-prod","cve":"CVE-2026-7437","affectedVersions":"<=1.3","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_62756e6e7963646e811c9dc5_gen.json b/internal/data/assets/plugin_62756e6e7963646e811c9dc5_gen.json index a4f70e47..ccfb843b 100644 --- a/internal/data/assets/plugin_62756e6e7963646e811c9dc5_gen.json +++ b/internal/data/assets/plugin_62756e6e7963646e811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/3a31147b-791c-436f-9407-43485ec2ef50/bunnycdn","title":"bunny.net – WordPress CDN Plugin <= 2.0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"3a31147b-791c-436f-9407-43485ec2ef50"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3a31147b-791c-436f-9407-43485ec2ef50?source=api-prod","cve":"CVE-2024-31361","affectedVersions":"<=2.0.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/926201d1-36bd-451f-a433-862e0484b36d/bunnycdn","title":"bunny.net <= 2.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"926201d1-36bd-451f-a433-862e0484b36d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/926201d1-36bd-451f-a433-862e0484b36d?source=api-prod","cve":"CVE-2025-48236","affectedVersions":"<=2.3.0","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/3a31147b-791c-436f-9407-43485ec2ef50/bunnycdn","title":"bunny.net – WordPress CDN Plugin <= 2.0.1 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"3a31147b-791c-436f-9407-43485ec2ef50"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3a31147b-791c-436f-9407-43485ec2ef50?source=api-prod","cve":"CVE-2024-31361","affectedVersions":"<=2.0.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/46f33846-d70e-41bd-b5e1-7c065a2c201f/bunnycdn","title":"bunny.net – WordPress CDN Plugin <= 2.3.6 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"46f33846-d70e-41bd-b5e1-7c065a2c201f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/46f33846-d70e-41bd-b5e1-7c065a2c201f?source=api-prod","cve":"CVE-2025-68049","affectedVersions":"<=2.3.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/926201d1-36bd-451f-a433-862e0484b36d/bunnycdn","title":"bunny.net <= 2.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"926201d1-36bd-451f-a433-862e0484b36d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/926201d1-36bd-451f-a433-862e0484b36d?source=api-prod","cve":"CVE-2025-48236","affectedVersions":"<=2.3.0","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_6275732d7469636b65742d626f6f6b696e672d776974682d736561742d7265736572766174696f6e811c9dc5_gen.json b/internal/data/assets/plugin_6275732d7469636b65742d626f6f6b696e672d776974682d736561742d7265736572766174696f6e811c9dc5_gen.json index ecc269d2..d73c30c0 100644 --- a/internal/data/assets/plugin_6275732d7469636b65742d626f6f6b696e672d776974682d736561742d7265736572766174696f6e811c9dc5_gen.json +++ b/internal/data/assets/plugin_6275732d7469636b65742d626f6f6b696e672d776974682d736561742d7265736572766174696f6e811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/8a3a1769-fda2-43ca-b201-35eaeda77c6d/bus-ticket-booking-with-seat-reservation","title":"Bus Ticket Booking with Seat Reservation < 5.6.5 - Unauthenticated Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"8a3a1769-fda2-43ca-b201-35eaeda77c6d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8a3a1769-fda2-43ca-b201-35eaeda77c6d?source=api-prod","cve":"CVE-2026-39572","affectedVersions":"<5.6.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/bbe5d631-8f2a-49a9-aeb8-b9965a5875ca/bus-ticket-booking-with-seat-reservation","title":"Bus Ticket Booking with Seat Reservation <= 5.6.2 - Unauthenticated PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"bbe5d631-8f2a-49a9-aeb8-b9965a5875ca"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bbe5d631-8f2a-49a9-aeb8-b9965a5875ca?source=api-prod","cve":"CVE-2026-27095","affectedVersions":"<=5.6.2","severity":"high"},{"advisoryId":"WPSECADV/WF/e9960282-4730-4ee8-b338-adcc57f01cc6/bus-ticket-booking-with-seat-reservation","title":"Bus Ticket Booking with Seat Reservation <= 5.2.5 - Unauthenticated Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"e9960282-4730-4ee8-b338-adcc57f01cc6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e9960282-4730-4ee8-b338-adcc57f01cc6?source=api-prod","cve":"CVE-2023-30496","affectedVersions":"<=5.2.5","severity":"high"},{"advisoryId":"WPSECADV/WF/f75c3ed0-3b05-4132-b102-ba64fb8c338d/bus-ticket-booking-with-seat-reservation","title":"Bus Ticket Booking with Seat Reservation <= 5.4.3 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-01-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"f75c3ed0-3b05-4132-b102-ba64fb8c338d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f75c3ed0-3b05-4132-b102-ba64fb8c338d?source=api-prod","cve":"CVE-2024-49294","affectedVersions":"<=5.4.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/ff2855cb-e4a8-4412-af24-4cee03ae2d43/bus-ticket-booking-with-seat-reservation","title":"Bus Ticket Booking with Seat Reservation <= 5.2.3 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-08-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"ff2855cb-e4a8-4412-af24-4cee03ae2d43"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ff2855cb-e4a8-4412-af24-4cee03ae2d43?source=api-prod","cve":"CVE-2023-4067","affectedVersions":"<=5.2.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/ffc92f28-02bd-48b3-b803-b67feab74db2/bus-ticket-booking-with-seat-reservation","title":"Bus Ticket Booking with Seat Reservation <= 5.3.5 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"ffc92f28-02bd-48b3-b803-b67feab74db2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ffc92f28-02bd-48b3-b803-b67feab74db2?source=api-prod","cve":"CVE-2024-43985","affectedVersions":"<=5.3.5","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/8a3a1769-fda2-43ca-b201-35eaeda77c6d/bus-ticket-booking-with-seat-reservation","title":"Bus Ticket Booking with Seat Reservation < 5.6.5 - Unauthenticated Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"8a3a1769-fda2-43ca-b201-35eaeda77c6d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8a3a1769-fda2-43ca-b201-35eaeda77c6d?source=api-prod","cve":"CVE-2026-39572","affectedVersions":"<5.6.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/bbe5d631-8f2a-49a9-aeb8-b9965a5875ca/bus-ticket-booking-with-seat-reservation","title":"Bus Ticket Booking with Seat Reservation <= 5.6.2 - Unauthenticated PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"bbe5d631-8f2a-49a9-aeb8-b9965a5875ca"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bbe5d631-8f2a-49a9-aeb8-b9965a5875ca?source=api-prod","cve":"CVE-2026-27095","affectedVersions":"<=5.6.2","severity":"high"},{"advisoryId":"WPSECADV/WF/e2a663f2-212f-4c17-a192-ee8982899fa7/bus-ticket-booking-with-seat-reservation","title":"Bus Ticket Booking with Seat Reservation < 5.6.8 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"e2a663f2-212f-4c17-a192-ee8982899fa7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e2a663f2-212f-4c17-a192-ee8982899fa7?source=api-prod","cve":"CVE-2025-66105","affectedVersions":"<5.6.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/e9960282-4730-4ee8-b338-adcc57f01cc6/bus-ticket-booking-with-seat-reservation","title":"Bus Ticket Booking with Seat Reservation <= 5.2.5 - Unauthenticated Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"e9960282-4730-4ee8-b338-adcc57f01cc6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e9960282-4730-4ee8-b338-adcc57f01cc6?source=api-prod","cve":"CVE-2023-30496","affectedVersions":"<=5.2.5","severity":"high"},{"advisoryId":"WPSECADV/WF/f75c3ed0-3b05-4132-b102-ba64fb8c338d/bus-ticket-booking-with-seat-reservation","title":"Bus Ticket Booking with Seat Reservation <= 5.4.3 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-01-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"f75c3ed0-3b05-4132-b102-ba64fb8c338d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f75c3ed0-3b05-4132-b102-ba64fb8c338d?source=api-prod","cve":"CVE-2024-49294","affectedVersions":"<=5.4.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/ff2855cb-e4a8-4412-af24-4cee03ae2d43/bus-ticket-booking-with-seat-reservation","title":"Bus Ticket Booking with Seat Reservation <= 5.2.3 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-08-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"ff2855cb-e4a8-4412-af24-4cee03ae2d43"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ff2855cb-e4a8-4412-af24-4cee03ae2d43?source=api-prod","cve":"CVE-2023-4067","affectedVersions":"<=5.2.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/ffc92f28-02bd-48b3-b803-b67feab74db2/bus-ticket-booking-with-seat-reservation","title":"Bus Ticket Booking with Seat Reservation <= 5.3.5 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"ffc92f28-02bd-48b3-b803-b67feab74db2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ffc92f28-02bd-48b3-b803-b67feab74db2?source=api-prod","cve":"CVE-2024-43985","affectedVersions":"<=5.3.5","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_636f6e74696e75616c6c79811c9dc5_gen.json b/internal/data/assets/plugin_636f6e74696e75616c6c79811c9dc5_gen.json new file mode 100644 index 00000000..521aca2f --- /dev/null +++ b/internal/data/assets/plugin_636f6e74696e75616c6c79811c9dc5_gen.json @@ -0,0 +1 @@ +[{"advisoryId":"WPSECADV/WF/d0e6900c-21a3-4b46-bb61-8c41e2234a26/continually","title":"Continually <= 4.3.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'continually_embed_code' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-11 20:38:13","sources":[{"name":"Wordfence","remoteId":"d0e6900c-21a3-4b46-bb61-8c41e2234a26"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d0e6900c-21a3-4b46-bb61-8c41e2234a26?source=api-prod","cve":"CVE-2026-6813","affectedVersions":"<=4.3.1","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_64726f6970811c9dc5_gen.json b/internal/data/assets/plugin_64726f6970811c9dc5_gen.json index 41892a89..2537df17 100644 --- a/internal/data/assets/plugin_64726f6970811c9dc5_gen.json +++ b/internal/data/assets/plugin_64726f6970811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/84141197-b6a7-44fa-8058-e9f192d1d56f/droip","title":"Droip < 2.5.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Settings Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"84141197-b6a7-44fa-8058-e9f192d1d56f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/84141197-b6a7-44fa-8058-e9f192d1d56f?source=api-prod","cve":"CVE-2024-43954","affectedVersions":"<2.5.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/a1fc4ce9-ae96-4d8e-bf1c-941ed15d7d1a/droip","title":"Droip < 2.5.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Settings Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"a1fc4ce9-ae96-4d8e-bf1c-941ed15d7d1a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a1fc4ce9-ae96-4d8e-bf1c-941ed15d7d1a?source=api-prod","cve":"CVE-2024-43954","affectedVersions":"<2.5.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/dd129829-9682-4def-a07f-66f9178eeb77/droip","title":"Droip < 2.5.2 - Authenticated (Subscriber+) Arbitrary File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-24 17:25:53","sources":[{"name":"Wordfence","remoteId":"dd129829-9682-4def-a07f-66f9178eeb77"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/dd129829-9682-4def-a07f-66f9178eeb77?source=api-prod","cve":"CVE-2025-5831","affectedVersions":"<2.5.2","severity":"high"},{"advisoryId":"WPSECADV/WF/e2e6b451-9835-4887-ade7-b18807223a88/droip","title":"Droip <= 2.2.6 - Missing Authorization to Authenticated (Subscriber+) Many Actions\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-24 17:25:41","sources":[{"name":"Wordfence","remoteId":"e2e6b451-9835-4887-ade7-b18807223a88"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e2e6b451-9835-4887-ade7-b18807223a88?source=api-prod","cve":"CVE-2025-5835","affectedVersions":"<=2.2.6","severity":"high"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/1fe40943-d2b5-47e9-bc3b-712b5e161099/droip","title":"Droip < 2.5.2 - Unauthenticated Arbitrary File Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"1fe40943-d2b5-47e9-bc3b-712b5e161099"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1fe40943-d2b5-47e9-bc3b-712b5e161099?source=api-prod","cve":"CVE-2024-43955","affectedVersions":"<2.5.2","severity":"critical"},{"advisoryId":"WPSECADV/WF/84141197-b6a7-44fa-8058-e9f192d1d56f/droip","title":"Droip < 2.5.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Settings Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"84141197-b6a7-44fa-8058-e9f192d1d56f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/84141197-b6a7-44fa-8058-e9f192d1d56f?source=api-prod","cve":"CVE-2024-43954","affectedVersions":"<2.5.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/a1fc4ce9-ae96-4d8e-bf1c-941ed15d7d1a/droip","title":"Droip < 2.5.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Settings Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"a1fc4ce9-ae96-4d8e-bf1c-941ed15d7d1a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a1fc4ce9-ae96-4d8e-bf1c-941ed15d7d1a?source=api-prod","cve":"CVE-2024-43954","affectedVersions":"<2.5.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/dd129829-9682-4def-a07f-66f9178eeb77/droip","title":"Droip < 2.5.2 - Authenticated (Subscriber+) Arbitrary File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-24 17:25:53","sources":[{"name":"Wordfence","remoteId":"dd129829-9682-4def-a07f-66f9178eeb77"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/dd129829-9682-4def-a07f-66f9178eeb77?source=api-prod","cve":"CVE-2025-5831","affectedVersions":"<2.5.2","severity":"high"},{"advisoryId":"WPSECADV/WF/e2e6b451-9835-4887-ade7-b18807223a88/droip","title":"Droip <= 2.2.6 - Missing Authorization to Authenticated (Subscriber+) Many Actions\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-24 17:25:41","sources":[{"name":"Wordfence","remoteId":"e2e6b451-9835-4887-ade7-b18807223a88"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e2e6b451-9835-4887-ade7-b18807223a88?source=api-prod","cve":"CVE-2025-5835","affectedVersions":"<=2.2.6","severity":"high"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_656c652d636f6e646974696f6e73811c9dc5_gen.json b/internal/data/assets/plugin_656c652d636f6e646974696f6e73811c9dc5_gen.json index f7da244d..31de63af 100644 --- a/internal/data/assets/plugin_656c652d636f6e646974696f6e73811c9dc5_gen.json +++ b/internal/data/assets/plugin_656c652d636f6e646974696f6e73811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/152384a2-69e0-41be-b02a-634fca714f4b/ele-conditions","title":"Elementor Element Condition <= 1.0.5 - Authenticated (Editor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"152384a2-69e0-41be-b02a-634fca714f4b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/152384a2-69e0-41be-b02a-634fca714f4b?source=api-prod","cve":"CVE-2025-58796","affectedVersions":"<=1.0.5","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/152384a2-69e0-41be-b02a-634fca714f4b/ele-conditions","title":"Elementor Element Condition <= 1.0.6 - Authenticated (Editor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"152384a2-69e0-41be-b02a-634fca714f4b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/152384a2-69e0-41be-b02a-634fca714f4b?source=api-prod","cve":"CVE-2025-58796","affectedVersions":"<=1.0.6","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_66617374626f74732d61692d63686174626f7473811c9dc5_gen.json b/internal/data/assets/plugin_66617374626f74732d61692d63686174626f7473811c9dc5_gen.json new file mode 100644 index 00000000..08a3ae72 --- /dev/null +++ b/internal/data/assets/plugin_66617374626f74732d61692d63686174626f7473811c9dc5_gen.json @@ -0,0 +1 @@ +[{"advisoryId":"WPSECADV/WF/b861e82a-dbff-491d-8a0a-1bfb9a7798ad/fastbots-ai-chatbots","title":"FastBots <= 1.0.12 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-11 20:37:29","sources":[{"name":"Wordfence","remoteId":"b861e82a-dbff-491d-8a0a-1bfb9a7798ad"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b861e82a-dbff-491d-8a0a-1bfb9a7798ad?source=api-prod","cve":"CVE-2026-6800","affectedVersions":"<=1.0.12","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_666f726d732d666f722d63616d706169676e2d6d6f6e69746f72811c9dc5_gen.json b/internal/data/assets/plugin_666f726d732d666f722d63616d706169676e2d6d6f6e69746f72811c9dc5_gen.json index c6053eeb..9987e5c8 100644 --- a/internal/data/assets/plugin_666f726d732d666f722d63616d706169676e2d6d6f6e69746f72811c9dc5_gen.json +++ b/internal/data/assets/plugin_666f726d732d666f722d63616d706169676e2d6d6f6e69746f72811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/577a2783-244b-4449-a0f2-39d4be521acf/forms-for-campaign-monitor","title":"Campaign Monitor for WordPress <= 2.9.0 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"577a2783-244b-4449-a0f2-39d4be521acf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/577a2783-244b-4449-a0f2-39d4be521acf?source=api-prod","cve":"CVE-2026-0674","affectedVersions":"<=2.9.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/a4d7cab5-1641-4ed3-92c7-ad7594dcb74b/forms-for-campaign-monitor","title":"Campaign Monitor for WordPress <= 2.8.12 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"a4d7cab5-1641-4ed3-92c7-ad7594dcb74b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a4d7cab5-1641-4ed3-92c7-ad7594dcb74b?source=api-prod","cve":"CVE-2023-38474","affectedVersions":"<=2.8.12","severity":"medium"},{"advisoryId":"WPSECADV/WF/babf88c4-6328-4ba2-97e4-e1eaaa549dbb/forms-for-campaign-monitor","title":"Campaign Monitor for WordPress <= 2.8.15 - Unauthenticated Full Path Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-07-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"babf88c4-6328-4ba2-97e4-e1eaaa549dbb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/babf88c4-6328-4ba2-97e4-e1eaaa549dbb?source=api-prod","cve":"CVE-2024-6569","affectedVersions":"<=2.8.15","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/577a2783-244b-4449-a0f2-39d4be521acf/forms-for-campaign-monitor","title":"Campaign Monitor for WordPress <= 2.9.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"577a2783-244b-4449-a0f2-39d4be521acf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/577a2783-244b-4449-a0f2-39d4be521acf?source=api-prod","cve":"CVE-2026-0674","affectedVersions":"<=2.9.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/a4d7cab5-1641-4ed3-92c7-ad7594dcb74b/forms-for-campaign-monitor","title":"Campaign Monitor for WordPress <= 2.8.12 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"a4d7cab5-1641-4ed3-92c7-ad7594dcb74b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a4d7cab5-1641-4ed3-92c7-ad7594dcb74b?source=api-prod","cve":"CVE-2023-38474","affectedVersions":"<=2.8.12","severity":"medium"},{"advisoryId":"WPSECADV/WF/babf88c4-6328-4ba2-97e4-e1eaaa549dbb/forms-for-campaign-monitor","title":"Campaign Monitor for WordPress <= 2.8.15 - Unauthenticated Full Path Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-07-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"babf88c4-6328-4ba2-97e4-e1eaaa549dbb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/babf88c4-6328-4ba2-97e4-e1eaaa549dbb?source=api-prod","cve":"CVE-2024-6569","affectedVersions":"<=2.8.15","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_68617070792d656c656d656e746f722d6164646f6e73811c9dc5_gen.json b/internal/data/assets/plugin_68617070792d656c656d656e746f722d6164646f6e73811c9dc5_gen.json index 054719b9..a01a9c84 100644 --- a/internal/data/assets/plugin_68617070792d656c656d656e746f722d6164646f6e73811c9dc5_gen.json +++ b/internal/data/assets/plugin_68617070792d656c656d656e746f722d6164646f6e73811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/06ef69f0-34d3-4389-8a81-a4d9922f1468/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.9.1.1 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"06ef69f0-34d3-4389-8a81-a4d9922f1468"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/06ef69f0-34d3-4389-8a81-a4d9922f1468?source=api-prod","cve":"CVE-2023-6632","affectedVersions":"<=3.9.1.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/08208cb1-2d57-49f9-8ac7-b59caa0cf5fa/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Archive Title Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"08208cb1-2d57-49f9-8ac7-b59caa0cf5fa"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/08208cb1-2d57-49f9-8ac7-b59caa0cf5fa?source=api-prod","cve":"CVE-2024-1366","affectedVersions":"<=3.10.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/1453815d-4e28-41ec-9aa4-4fd2899c619a/happy-elementor-addons","title":"Happy Elementor Addons <= 3.10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"1453815d-4e28-41ec-9aa4-4fd2899c619a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1453815d-4e28-41ec-9aa4-4fd2899c619a?source=api-prod","affectedVersions":"<=3.10.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/16e7adef-68ab-4dd6-bd80-252622cfe705/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.20.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-22 22:08:35","sources":[{"name":"Wordfence","remoteId":"16e7adef-68ab-4dd6-bd80-252622cfe705"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/16e7adef-68ab-4dd6-bd80-252622cfe705?source=api-prod","cve":"CVE-2025-14635","affectedVersions":"<=3.20.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/1a3fe49b-cc0d-4b29-aae5-46307483b8d4/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.21.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Stored Cross-Site Scripting via Template Conditions\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-10 19:04:44","sources":[{"name":"Wordfence","remoteId":"1a3fe49b-cc0d-4b29-aae5-46307483b8d4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1a3fe49b-cc0d-4b29-aae5-46307483b8d4?source=api-prod","cve":"CVE-2026-2918","affectedVersions":"<=3.21.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/1b25df18-dd9a-4b24-8187-283d5f3f334e/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.1 - Missing Authorization via add_row_actions\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"1b25df18-dd9a-4b24-8187-283d5f3f334e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1b25df18-dd9a-4b24-8187-283d5f3f334e?source=api-prod","cve":"CVE-2024-24833","affectedVersions":"<=3.10.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/1fc447bc-841c-443f-9949-a0d852762fd9/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.12.3 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"1fc447bc-841c-443f-9949-a0d852762fd9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1fc447bc-841c-443f-9949-a0d852762fd9?source=api-prod","cve":"CVE-2024-48045","affectedVersions":"<=3.12.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/203ab09f-7344-4cab-86bf-0c1ec545d78f/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"203ab09f-7344-4cab-86bf-0c1ec545d78f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/203ab09f-7344-4cab-86bf-0c1ec545d78f?source=api-prod","cve":"CVE-2024-5088","affectedVersions":"<=3.10.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/22e4eb2a-2c2b-4f4f-821e-8d2d7e558364/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Calendly Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"22e4eb2a-2c2b-4f4f-821e-8d2d7e558364"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/22e4eb2a-2c2b-4f4f-821e-8d2d7e558364?source=api-prod","cve":"CVE-2024-3890","affectedVersions":"<=3.10.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/267641fe-7490-4b8f-bb39-9531eefa2c30/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"267641fe-7490-4b8f-bb39-9531eefa2c30"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/267641fe-7490-4b8f-bb39-9531eefa2c30?source=api-prod","cve":"CVE-2024-0438","affectedVersions":"<=3.10.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/27439d44-f2ff-4c20-965f-25d12c83781c/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.8.2 - Cross-Site Request Forgery via handle_optin_optout()\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-03-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"27439d44-f2ff-4c20-965f-25d12c83781c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/27439d44-f2ff-4c20-965f-25d12c83781c?source=api-prod","cve":"CVE-2023-28989","affectedVersions":"<=3.8.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/2fdf2020-ad80-44c3-89b6-fc2ba067cd33/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via _id Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-17 14:41:17","sources":[{"name":"Wordfence","remoteId":"2fdf2020-ad80-44c3-89b6-fc2ba067cd33"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2fdf2020-ad80-44c3-89b6-fc2ba067cd33?source=api-prod","cve":"CVE-2024-4865","affectedVersions":"<=3.10.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/415a7201-bdff-4342-9e06-ce0e500cdc7c/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Navigation Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-30 21:24:23","sources":[{"name":"Wordfence","remoteId":"415a7201-bdff-4342-9e06-ce0e500cdc7c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/415a7201-bdff-4342-9e06-ce0e500cdc7c?source=api-prod","cve":"CVE-2024-5347","affectedVersions":"<=3.10.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/4688c1ee-335c-4adb-bd68-894ff34d001d/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.4 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via title_tag\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"4688c1ee-335c-4adb-bd68-894ff34d001d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4688c1ee-335c-4adb-bd68-894ff34d001d?source=api-prod","cve":"CVE-2024-2786","affectedVersions":"<=3.10.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/5bfe0a05-6bf9-4acc-bf9d-05079c3b3664/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.11.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via PDF View Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-07-26 22:45:55","sources":[{"name":"Wordfence","remoteId":"5bfe0a05-6bf9-4acc-bf9d-05079c3b3664"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5bfe0a05-6bf9-4acc-bf9d-05079c3b3664?source=api-prod","cve":"CVE-2024-6627","affectedVersions":"<=3.11.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/64ae36a3-d102-4d51-b685-395283155101/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.9.1.1 - Server Side Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"64ae36a3-d102-4d51-b685-395283155101"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/64ae36a3-d102-4d51-b685-395283155101?source=api-prod","cve":"CVE-2023-51676","affectedVersions":"<3.10.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/6d1b948a-7a7e-4bdf-af1d-559f34d4baa3/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.11.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gradient Heading Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-28 17:53:46","sources":[{"name":"Wordfence","remoteId":"6d1b948a-7a7e-4bdf-af1d-559f34d4baa3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6d1b948a-7a7e-4bdf-af1d-559f34d4baa3?source=api-prod","cve":"CVE-2024-5790","affectedVersions":"<=3.11.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/73e4ec2f-f4e1-469d-a4b7-5a10d44b7a2f/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title HTML Tag\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"73e4ec2f-f4e1-469d-a4b7-5a10d44b7a2f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/73e4ec2f-f4e1-469d-a4b7-5a10d44b7a2f?source=api-prod","cve":"CVE-2024-2788","affectedVersions":"<=3.10.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/79de2a90-225a-4d3e-b511-d12ede2cface/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"79de2a90-225a-4d3e-b511-d12ede2cface"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/79de2a90-225a-4d3e-b511-d12ede2cface?source=api-prod","cve":"CVE-2024-32698","affectedVersions":"<=3.10.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/826483d7-948d-46c4-890c-71001b03847c/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Stack Group, Photo Stack, & Horizontal Timeline\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"826483d7-948d-46c4-890c-71001b03847c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/826483d7-948d-46c4-890c-71001b03847c?source=api-prod","cve":"CVE-2024-3724","affectedVersions":"<=3.10.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/84003388-c47c-41db-8d2d-4643aa375a89/happy-elementor-addons","title":"Appsero <= 1.2.1 - Missing Authorization\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"84003388-c47c-41db-8d2d-4643aa375a89"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/84003388-c47c-41db-8d2d-4643aa375a89?source=api-prod","affectedVersions":"<=3.8.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/9234b1ce-032f-487d-b60a-f80c78373238/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.21.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Post Duplication via 'post_id' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-10 19:07:37","sources":[{"name":"Wordfence","remoteId":"9234b1ce-032f-487d-b60a-f80c78373238"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9234b1ce-032f-487d-b60a-f80c78373238?source=api-prod","cve":"CVE-2026-2917","affectedVersions":"<=3.21.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/9f1078b8-f458-46a6-9982-e8d2d1d1b73b/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.12.2 - Authenticated (Contributor+) Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"9f1078b8-f458-46a6-9982-e8d2d1d1b73b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9f1078b8-f458-46a6-9982-e8d2d1d1b73b?source=api-prod","cve":"CVE-2024-8801","affectedVersions":"<=3.12.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/a63d6a64-aaba-4744-a372-89e1c0ce00df/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.12.0 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"a63d6a64-aaba-4744-a372-89e1c0ce00df"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a63d6a64-aaba-4744-a372-89e1c0ce00df?source=api-prod","cve":"CVE-2024-47357","affectedVersions":"<=3.12.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/ade7f391-3824-4d0b-8718-f7995170a43d/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML Tags\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"ade7f391-3824-4d0b-8718-f7995170a43d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ade7f391-3824-4d0b-8718-f7995170a43d?source=api-prod","cve":"CVE-2024-3891","affectedVersions":"<=3.10.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/aff10d5a-a2d0-461a-b52b-a25b647eaab4/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.4 - Incorrect Authorization to Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"aff10d5a-a2d0-461a-b52b-a25b647eaab4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/aff10d5a-a2d0-461a-b52b-a25b647eaab4?source=api-prod","cve":"CVE-2024-1387","affectedVersions":"<=3.10.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/b61eb8b7-0d89-47ef-831c-1772d01e2c85/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Author Meta Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"b61eb8b7-0d89-47ef-831c-1772d01e2c85"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b61eb8b7-0d89-47ef-831c-1772d01e2c85?source=api-prod","cve":"CVE-2024-1377","affectedVersions":"<=3.10.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/bb93853b-a6e0-42d1-8b10-b391984603f2/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Calendy\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"bb93853b-a6e0-42d1-8b10-b391984603f2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bb93853b-a6e0-42d1-8b10-b391984603f2?source=api-prod","cve":"CVE-2024-2789","affectedVersions":"<=3.10.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/c7243f40-5cca-475a-bb27-44fab965bb0e/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Stack Group Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-15 19:30:58","sources":[{"name":"Wordfence","remoteId":"c7243f40-5cca-475a-bb27-44fab965bb0e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c7243f40-5cca-475a-bb27-44fab965bb0e?source=api-prod","cve":"CVE-2024-4478","affectedVersions":"<=3.10.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/ce3cb2e9-6491-4b93-bd98-1ece39171b0c/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.20.4 - Authenticated (Contributor+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"ce3cb2e9-6491-4b93-bd98-1ece39171b0c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ce3cb2e9-6491-4b93-bd98-1ece39171b0c?source=api-prod","cve":"CVE-2025-68999","affectedVersions":"<=3.20.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/d295f424-8e18-4a32-8d96-94ce931d125b/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.20.3 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"d295f424-8e18-4a32-8d96-94ce931d125b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d295f424-8e18-4a32-8d96-94ce931d125b?source=api-prod","cve":"CVE-2025-63077","affectedVersions":"<=3.20.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/d55bab2a-5e2e-440e-b4fa-03853679ba22/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"d55bab2a-5e2e-440e-b4fa-03853679ba22"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d55bab2a-5e2e-440e-b4fa-03853679ba22?source=api-prod","cve":"CVE-2024-0838","affectedVersions":"<=3.10.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/d9f1ea27-463f-477e-b3c0-691ed84e34a4/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.16.2 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"d9f1ea27-463f-477e-b3c0-691ed84e34a4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d9f1ea27-463f-477e-b3c0-691ed84e34a4?source=api-prod","cve":"CVE-2025-30766","affectedVersions":"<=3.16.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/dae80fc2-3076-4a32-876d-5df1c62de9bd/happy-elementor-addons","title":"Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"dae80fc2-3076-4a32-876d-5df1c62de9bd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/dae80fc2-3076-4a32-876d-5df1c62de9bd?source=api-prod","cve":"CVE-2024-5647","affectedVersions":"<=3.12.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/df4b554a-0336-404c-b06c-2bc98c99997d/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.20.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via '_elementor_data' Meta Field\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-02 17:49:48","sources":[{"name":"Wordfence","remoteId":"df4b554a-0336-404c-b06c-2bc98c99997d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/df4b554a-0336-404c-b06c-2bc98c99997d?source=api-prod","cve":"CVE-2026-1210","affectedVersions":"<=3.20.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/e60d4528-2ec5-4a4b-be77-0fc012c13720/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.15.1 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-01-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"e60d4528-2ec5-4a4b-be77-0fc012c13720"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e60d4528-2ec5-4a4b-be77-0fc012c13720?source=api-prod","cve":"CVE-2024-12852","affectedVersions":"<=3.15.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/e75f7e1a-f3bb-4b24-bf04-b83d0e572551/happy-elementor-addons","title":"Happy Addons for Elementor Authenticated (Contributor+) Stored-XSS <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Event Calendar Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-15 20:30:53","sources":[{"name":"Wordfence","remoteId":"e75f7e1a-f3bb-4b24-bf04-b83d0e572551"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e75f7e1a-f3bb-4b24-bf04-b83d0e572551?source=api-prod","cve":"CVE-2024-4391","affectedVersions":"<=3.10.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/e869800a-6fbc-4a1a-97fd-92ecbf3305ff/happy-elementor-addons","title":"Appsero <= 1.2.0 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"e869800a-6fbc-4a1a-97fd-92ecbf3305ff"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e869800a-6fbc-4a1a-97fd-92ecbf3305ff?source=api-prod","cve":"CVE-2022-47150","affectedVersions":"<=3.8.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/ea3daad1-74a1-44be-b7ed-b58b806da614/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Page Title HTML Tag\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"ea3daad1-74a1-44be-b7ed-b58b806da614"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ea3daad1-74a1-44be-b7ed-b58b806da614?source=api-prod","cve":"CVE-2024-2787","affectedVersions":"<=3.10.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/f43e1eed-09f8-44b3-b6fa-d0344f331dd7/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Photo Stack Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"f43e1eed-09f8-44b3-b6fa-d0344f331dd7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f43e1eed-09f8-44b3-b6fa-d0344f331dd7?source=api-prod","cve":"CVE-2024-1498","affectedVersions":"<=3.10.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/f8ec4c5e-fb24-4b74-9ed8-0a9060625aba/happy-elementor-addons","title":"Happy Addons for Elementor <= 2.23.0 & Pro Version < 1.17.0 - Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-04-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"f8ec4c5e-fb24-4b74-9ed8-0a9060625aba"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f8ec4c5e-fb24-4b74-9ed8-0a9060625aba?source=api-prod","cve":"CVE-2021-24292","affectedVersions":"<2.24.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/fb037c9f-5d20-46f6-b1ff-34b9d192bad2/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"fb037c9f-5d20-46f6-b1ff-34b9d192bad2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fb037c9f-5d20-46f6-b1ff-34b9d192bad2?source=api-prod","cve":"CVE-2024-5041","affectedVersions":"<=3.10.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/fd192a52-ae12-4706-b3ea-aa69f7393bb8/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.12.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-11 14:44:54","sources":[{"name":"Wordfence","remoteId":"fd192a52-ae12-4706-b3ea-aa69f7393bb8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fd192a52-ae12-4706-b3ea-aa69f7393bb8?source=api-prod","cve":"CVE-2024-10538","affectedVersions":"<=3.12.5","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/06ef69f0-34d3-4389-8a81-a4d9922f1468/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.9.1.1 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"06ef69f0-34d3-4389-8a81-a4d9922f1468"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/06ef69f0-34d3-4389-8a81-a4d9922f1468?source=api-prod","cve":"CVE-2023-6632","affectedVersions":"<=3.9.1.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/08208cb1-2d57-49f9-8ac7-b59caa0cf5fa/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Archive Title Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"08208cb1-2d57-49f9-8ac7-b59caa0cf5fa"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/08208cb1-2d57-49f9-8ac7-b59caa0cf5fa?source=api-prod","cve":"CVE-2024-1366","affectedVersions":"<=3.10.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/1453815d-4e28-41ec-9aa4-4fd2899c619a/happy-elementor-addons","title":"Happy Elementor Addons <= 3.10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"1453815d-4e28-41ec-9aa4-4fd2899c619a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1453815d-4e28-41ec-9aa4-4fd2899c619a?source=api-prod","affectedVersions":"<=3.10.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/16e7adef-68ab-4dd6-bd80-252622cfe705/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.20.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-22 22:08:35","sources":[{"name":"Wordfence","remoteId":"16e7adef-68ab-4dd6-bd80-252622cfe705"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/16e7adef-68ab-4dd6-bd80-252622cfe705?source=api-prod","cve":"CVE-2025-14635","affectedVersions":"<=3.20.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/1a3fe49b-cc0d-4b29-aae5-46307483b8d4/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.21.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Stored Cross-Site Scripting via Template Conditions\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-10 19:04:44","sources":[{"name":"Wordfence","remoteId":"1a3fe49b-cc0d-4b29-aae5-46307483b8d4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1a3fe49b-cc0d-4b29-aae5-46307483b8d4?source=api-prod","cve":"CVE-2026-2918","affectedVersions":"<=3.21.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/1b25df18-dd9a-4b24-8187-283d5f3f334e/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.1 - Missing Authorization via add_row_actions\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"1b25df18-dd9a-4b24-8187-283d5f3f334e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1b25df18-dd9a-4b24-8187-283d5f3f334e?source=api-prod","cve":"CVE-2024-24833","affectedVersions":"<=3.10.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/1fc447bc-841c-443f-9949-a0d852762fd9/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.12.3 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"1fc447bc-841c-443f-9949-a0d852762fd9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1fc447bc-841c-443f-9949-a0d852762fd9?source=api-prod","cve":"CVE-2024-48045","affectedVersions":"<=3.12.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/203ab09f-7344-4cab-86bf-0c1ec545d78f/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"203ab09f-7344-4cab-86bf-0c1ec545d78f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/203ab09f-7344-4cab-86bf-0c1ec545d78f?source=api-prod","cve":"CVE-2024-5088","affectedVersions":"<=3.10.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/22e4eb2a-2c2b-4f4f-821e-8d2d7e558364/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Calendly Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"22e4eb2a-2c2b-4f4f-821e-8d2d7e558364"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/22e4eb2a-2c2b-4f4f-821e-8d2d7e558364?source=api-prod","cve":"CVE-2024-3890","affectedVersions":"<=3.10.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/267641fe-7490-4b8f-bb39-9531eefa2c30/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"267641fe-7490-4b8f-bb39-9531eefa2c30"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/267641fe-7490-4b8f-bb39-9531eefa2c30?source=api-prod","cve":"CVE-2024-0438","affectedVersions":"<=3.10.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/27439d44-f2ff-4c20-965f-25d12c83781c/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.8.2 - Cross-Site Request Forgery via handle_optin_optout()\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-03-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"27439d44-f2ff-4c20-965f-25d12c83781c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/27439d44-f2ff-4c20-965f-25d12c83781c?source=api-prod","cve":"CVE-2023-28989","affectedVersions":"<=3.8.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/2fdf2020-ad80-44c3-89b6-fc2ba067cd33/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via _id Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-17 14:41:17","sources":[{"name":"Wordfence","remoteId":"2fdf2020-ad80-44c3-89b6-fc2ba067cd33"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2fdf2020-ad80-44c3-89b6-fc2ba067cd33?source=api-prod","cve":"CVE-2024-4865","affectedVersions":"<=3.10.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/415a7201-bdff-4342-9e06-ce0e500cdc7c/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Navigation Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-30 21:24:23","sources":[{"name":"Wordfence","remoteId":"415a7201-bdff-4342-9e06-ce0e500cdc7c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/415a7201-bdff-4342-9e06-ce0e500cdc7c?source=api-prod","cve":"CVE-2024-5347","affectedVersions":"<=3.10.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/4688c1ee-335c-4adb-bd68-894ff34d001d/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.4 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via title_tag\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"4688c1ee-335c-4adb-bd68-894ff34d001d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4688c1ee-335c-4adb-bd68-894ff34d001d?source=api-prod","cve":"CVE-2024-2786","affectedVersions":"<=3.10.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/5bfe0a05-6bf9-4acc-bf9d-05079c3b3664/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.11.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via PDF View Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-07-26 22:45:55","sources":[{"name":"Wordfence","remoteId":"5bfe0a05-6bf9-4acc-bf9d-05079c3b3664"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5bfe0a05-6bf9-4acc-bf9d-05079c3b3664?source=api-prod","cve":"CVE-2024-6627","affectedVersions":"<=3.11.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/64ae36a3-d102-4d51-b685-395283155101/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.9.1.1 - Server Side Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"64ae36a3-d102-4d51-b685-395283155101"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/64ae36a3-d102-4d51-b685-395283155101?source=api-prod","cve":"CVE-2023-51676","affectedVersions":"<3.10.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/6d1b948a-7a7e-4bdf-af1d-559f34d4baa3/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.11.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gradient Heading Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-28 17:53:46","sources":[{"name":"Wordfence","remoteId":"6d1b948a-7a7e-4bdf-af1d-559f34d4baa3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6d1b948a-7a7e-4bdf-af1d-559f34d4baa3?source=api-prod","cve":"CVE-2024-5790","affectedVersions":"<=3.11.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/73e4ec2f-f4e1-469d-a4b7-5a10d44b7a2f/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title HTML Tag\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"73e4ec2f-f4e1-469d-a4b7-5a10d44b7a2f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/73e4ec2f-f4e1-469d-a4b7-5a10d44b7a2f?source=api-prod","cve":"CVE-2024-2788","affectedVersions":"<=3.10.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/79de2a90-225a-4d3e-b511-d12ede2cface/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"79de2a90-225a-4d3e-b511-d12ede2cface"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/79de2a90-225a-4d3e-b511-d12ede2cface?source=api-prod","cve":"CVE-2024-32698","affectedVersions":"<=3.10.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/826483d7-948d-46c4-890c-71001b03847c/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Stack Group, Photo Stack, & Horizontal Timeline\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"826483d7-948d-46c4-890c-71001b03847c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/826483d7-948d-46c4-890c-71001b03847c?source=api-prod","cve":"CVE-2024-3724","affectedVersions":"<=3.10.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/84003388-c47c-41db-8d2d-4643aa375a89/happy-elementor-addons","title":"Appsero <= 1.2.1 - Missing Authorization\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"84003388-c47c-41db-8d2d-4643aa375a89"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/84003388-c47c-41db-8d2d-4643aa375a89?source=api-prod","affectedVersions":"<=3.8.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/9234b1ce-032f-487d-b60a-f80c78373238/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.21.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Post Duplication via 'post_id' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-10 19:07:37","sources":[{"name":"Wordfence","remoteId":"9234b1ce-032f-487d-b60a-f80c78373238"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9234b1ce-032f-487d-b60a-f80c78373238?source=api-prod","cve":"CVE-2026-2917","affectedVersions":"<=3.21.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/9f1078b8-f458-46a6-9982-e8d2d1d1b73b/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.12.2 - Authenticated (Contributor+) Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"9f1078b8-f458-46a6-9982-e8d2d1d1b73b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9f1078b8-f458-46a6-9982-e8d2d1d1b73b?source=api-prod","cve":"CVE-2024-8801","affectedVersions":"<=3.12.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/a63d6a64-aaba-4744-a372-89e1c0ce00df/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.12.0 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"a63d6a64-aaba-4744-a372-89e1c0ce00df"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a63d6a64-aaba-4744-a372-89e1c0ce00df?source=api-prod","cve":"CVE-2024-47357","affectedVersions":"<=3.12.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/ade7f391-3824-4d0b-8718-f7995170a43d/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML Tags\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"ade7f391-3824-4d0b-8718-f7995170a43d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ade7f391-3824-4d0b-8718-f7995170a43d?source=api-prod","cve":"CVE-2024-3891","affectedVersions":"<=3.10.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/aff10d5a-a2d0-461a-b52b-a25b647eaab4/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.4 - Incorrect Authorization to Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"aff10d5a-a2d0-461a-b52b-a25b647eaab4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/aff10d5a-a2d0-461a-b52b-a25b647eaab4?source=api-prod","cve":"CVE-2024-1387","affectedVersions":"<=3.10.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/b61eb8b7-0d89-47ef-831c-1772d01e2c85/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Author Meta Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"b61eb8b7-0d89-47ef-831c-1772d01e2c85"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b61eb8b7-0d89-47ef-831c-1772d01e2c85?source=api-prod","cve":"CVE-2024-1377","affectedVersions":"<=3.10.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/bb93853b-a6e0-42d1-8b10-b391984603f2/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Calendy\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"bb93853b-a6e0-42d1-8b10-b391984603f2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bb93853b-a6e0-42d1-8b10-b391984603f2?source=api-prod","cve":"CVE-2024-2789","affectedVersions":"<=3.10.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/c7243f40-5cca-475a-bb27-44fab965bb0e/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Stack Group Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-15 19:30:58","sources":[{"name":"Wordfence","remoteId":"c7243f40-5cca-475a-bb27-44fab965bb0e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c7243f40-5cca-475a-bb27-44fab965bb0e?source=api-prod","cve":"CVE-2024-4478","affectedVersions":"<=3.10.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/cd6dcfe2-91c4-42c1-ada4-91c6f25c4690/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.20.8 - Unauthenticated Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"cd6dcfe2-91c4-42c1-ada4-91c6f25c4690"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cd6dcfe2-91c4-42c1-ada4-91c6f25c4690?source=api-prod","cve":"CVE-2026-25468","affectedVersions":"<=3.20.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/ce3cb2e9-6491-4b93-bd98-1ece39171b0c/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.20.4 - Authenticated (Contributor+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"ce3cb2e9-6491-4b93-bd98-1ece39171b0c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ce3cb2e9-6491-4b93-bd98-1ece39171b0c?source=api-prod","cve":"CVE-2025-68999","affectedVersions":"<=3.20.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/d295f424-8e18-4a32-8d96-94ce931d125b/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.20.3 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"d295f424-8e18-4a32-8d96-94ce931d125b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d295f424-8e18-4a32-8d96-94ce931d125b?source=api-prod","cve":"CVE-2025-63077","affectedVersions":"<=3.20.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/d55bab2a-5e2e-440e-b4fa-03853679ba22/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"d55bab2a-5e2e-440e-b4fa-03853679ba22"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d55bab2a-5e2e-440e-b4fa-03853679ba22?source=api-prod","cve":"CVE-2024-0838","affectedVersions":"<=3.10.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/d9f1ea27-463f-477e-b3c0-691ed84e34a4/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.16.2 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"d9f1ea27-463f-477e-b3c0-691ed84e34a4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d9f1ea27-463f-477e-b3c0-691ed84e34a4?source=api-prod","cve":"CVE-2025-30766","affectedVersions":"<=3.16.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/dae80fc2-3076-4a32-876d-5df1c62de9bd/happy-elementor-addons","title":"Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"dae80fc2-3076-4a32-876d-5df1c62de9bd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/dae80fc2-3076-4a32-876d-5df1c62de9bd?source=api-prod","cve":"CVE-2024-5647","affectedVersions":"<=3.12.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/df4b554a-0336-404c-b06c-2bc98c99997d/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.20.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via '_elementor_data' Meta Field\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-02 17:49:48","sources":[{"name":"Wordfence","remoteId":"df4b554a-0336-404c-b06c-2bc98c99997d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/df4b554a-0336-404c-b06c-2bc98c99997d?source=api-prod","cve":"CVE-2026-1210","affectedVersions":"<=3.20.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/e60d4528-2ec5-4a4b-be77-0fc012c13720/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.15.1 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-01-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"e60d4528-2ec5-4a4b-be77-0fc012c13720"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e60d4528-2ec5-4a4b-be77-0fc012c13720?source=api-prod","cve":"CVE-2024-12852","affectedVersions":"<=3.15.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/e75f7e1a-f3bb-4b24-bf04-b83d0e572551/happy-elementor-addons","title":"Happy Addons for Elementor Authenticated (Contributor+) Stored-XSS <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Event Calendar Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-15 20:30:53","sources":[{"name":"Wordfence","remoteId":"e75f7e1a-f3bb-4b24-bf04-b83d0e572551"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e75f7e1a-f3bb-4b24-bf04-b83d0e572551?source=api-prod","cve":"CVE-2024-4391","affectedVersions":"<=3.10.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/e869800a-6fbc-4a1a-97fd-92ecbf3305ff/happy-elementor-addons","title":"Appsero <= 1.2.0 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"e869800a-6fbc-4a1a-97fd-92ecbf3305ff"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e869800a-6fbc-4a1a-97fd-92ecbf3305ff?source=api-prod","cve":"CVE-2022-47150","affectedVersions":"<=3.8.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/ea3daad1-74a1-44be-b7ed-b58b806da614/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Page Title HTML Tag\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"ea3daad1-74a1-44be-b7ed-b58b806da614"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ea3daad1-74a1-44be-b7ed-b58b806da614?source=api-prod","cve":"CVE-2024-2787","affectedVersions":"<=3.10.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/f43e1eed-09f8-44b3-b6fa-d0344f331dd7/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Photo Stack Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"f43e1eed-09f8-44b3-b6fa-d0344f331dd7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f43e1eed-09f8-44b3-b6fa-d0344f331dd7?source=api-prod","cve":"CVE-2024-1498","affectedVersions":"<=3.10.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/f8ec4c5e-fb24-4b74-9ed8-0a9060625aba/happy-elementor-addons","title":"Happy Addons for Elementor <= 2.23.0 & Pro Version < 1.17.0 - Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-04-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"f8ec4c5e-fb24-4b74-9ed8-0a9060625aba"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f8ec4c5e-fb24-4b74-9ed8-0a9060625aba?source=api-prod","cve":"CVE-2021-24292","affectedVersions":"<2.24.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/fb037c9f-5d20-46f6-b1ff-34b9d192bad2/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.10.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"fb037c9f-5d20-46f6-b1ff-34b9d192bad2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fb037c9f-5d20-46f6-b1ff-34b9d192bad2?source=api-prod","cve":"CVE-2024-5041","affectedVersions":"<=3.10.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/fd192a52-ae12-4706-b3ea-aa69f7393bb8/happy-elementor-addons","title":"Happy Addons for Elementor <= 3.12.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Comparison\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-11 14:44:54","sources":[{"name":"Wordfence","remoteId":"fd192a52-ae12-4706-b3ea-aa69f7393bb8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fd192a52-ae12-4706-b3ea-aa69f7393bb8?source=api-prod","cve":"CVE-2024-10538","affectedVersions":"<=3.12.5","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_6c617465706f696e74811c9dc5_gen.json b/internal/data/assets/plugin_6c617465706f696e74811c9dc5_gen.json index 0f9a4f19..6ee162ac 100644 --- a/internal/data/assets/plugin_6c617465706f696e74811c9dc5_gen.json +++ b/internal/data/assets/plugin_6c617465706f696e74811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/1d641e9e-e690-48ff-a28b-f4068d372aab/latepoint","title":"LatePoint <= 4.9.91 - Authenticated (Subscriber+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"1d641e9e-e690-48ff-a28b-f4068d372aab"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1d641e9e-e690-48ff-a28b-f4068d372aab?source=api-prod","cve":"CVE-2024-43992","affectedVersions":"<=4.9.91","severity":"medium"},{"advisoryId":"WPSECADV/WF/1f7aa23c-ffa7-481b-8481-a36c7ed599d8/latepoint","title":"LatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.5 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-13 18:24:03","sources":[{"name":"Wordfence","remoteId":"1f7aa23c-ffa7-481b-8481-a36c7ed599d8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1f7aa23c-ffa7-481b-8481-a36c7ed599d8?source=api-prod","cve":"CVE-2025-14873","affectedVersions":"<=5.2.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/22bcfd36-ecf9-4d2c-ac94-94ffa0340c4c/latepoint","title":"LatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.5 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-02 18:30:30","sources":[{"name":"Wordfence","remoteId":"22bcfd36-ecf9-4d2c-ac94-94ffa0340c4c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/22bcfd36-ecf9-4d2c-ac94-94ffa0340c4c?source=api-prod","cve":"CVE-2026-0617","affectedVersions":"<=5.2.5","severity":"high"},{"advisoryId":"WPSECADV/WF/28e9c77c-5c36-4449-ab90-86f2385ba1ae/latepoint","title":"LatePoint <= 5.1.94 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-29 16:24:39","sources":[{"name":"Wordfence","remoteId":"28e9c77c-5c36-4449-ab90-86f2385ba1ae"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/28e9c77c-5c36-4449-ab90-86f2385ba1ae?source=api-prod","cve":"CVE-2025-6815","affectedVersions":"<=5.1.94","severity":"medium"},{"advisoryId":"WPSECADV/WF/55c5c094-69c0-4e2a-be0c-fab6f1039309/latepoint","title":"LatePoint <= 5.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-07 15:17:40","sources":[{"name":"Wordfence","remoteId":"55c5c094-69c0-4e2a-be0c-fab6f1039309"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/55c5c094-69c0-4e2a-be0c-fab6f1039309?source=api-prod","cve":"CVE-2026-4785","affectedVersions":"<=5.3.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/5c9a23a3-5eb5-4f5b-bf32-c9d163426f29/latepoint","title":"LatePoint <= 5.0.11 - Unauthenticated Arbitrary User Password Change via SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"5c9a23a3-5eb5-4f5b-bf32-c9d163426f29"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5c9a23a3-5eb5-4f5b-bf32-c9d163426f29?source=api-prod","cve":"CVE-2024-8911","affectedVersions":"<=5.0.11","severity":"critical"},{"advisoryId":"WPSECADV/WF/6215fa9f-06bc-4dc8-b1f5-a3bb75749f1d/latepoint","title":"LatePoint Plugin <= 4.9.9 - Missing Authorization and Sensitive Information Exposure via IDOR\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-13 21:00:45","sources":[{"name":"Wordfence","remoteId":"6215fa9f-06bc-4dc8-b1f5-a3bb75749f1d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6215fa9f-06bc-4dc8-b1f5-a3bb75749f1d?source=api-prod","cve":"CVE-2024-2472","affectedVersions":"<=4.9.9","severity":"critical"},{"advisoryId":"WPSECADV/WF/628b3f53-decd-47ac-a2d1-339ade1e6944/latepoint","title":"LatePoint <= 5.5.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Customer Cabinet Profile Update\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-05 18:29:59","sources":[{"name":"Wordfence","remoteId":"628b3f53-decd-47ac-a2d1-339ade1e6944"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/628b3f53-decd-47ac-a2d1-339ade1e6944?source=api-prod","cve":"CVE-2026-7457","affectedVersions":"<=5.5.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/71e99412-031e-4f4a-9126-dd3a37975246/latepoint","title":"LatePoint <= 5.4.1 - Authenticated (Agent+) Privilege Escalation to Administrator via 'connect-customer-to-wp-user' Ability\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-27 07:23:53","sources":[{"name":"Wordfence","remoteId":"71e99412-031e-4f4a-9126-dd3a37975246"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/71e99412-031e-4f4a-9126-dd3a37975246?source=api-prod","cve":"CVE-2026-6741","affectedVersions":"<=5.4.1","severity":"high"},{"advisoryId":"WPSECADV/WF/7e9acd26-c341-4ece-bcf1-102f953a4b4f/latepoint","title":"Latepoint <= 5.1.92 - Unauthenticated Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"7e9acd26-c341-4ece-bcf1-102f953a4b4f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7e9acd26-c341-4ece-bcf1-102f953a4b4f?source=api-prod","cve":"CVE-2025-3769","affectedVersions":"<=5.1.92","severity":"medium"},{"advisoryId":"WPSECADV/WF/9547c6e9-3dfc-442c-900d-111b1528aa5b/latepoint","title":"LatePoint <= 5.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"9547c6e9-3dfc-442c-900d-111b1528aa5b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9547c6e9-3dfc-442c-900d-111b1528aa5b?source=api-prod","cve":"CVE-2025-30836","affectedVersions":"<=5.1.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/a76a6800-61ae-47e8-9659-47c08535516d/latepoint","title":"LatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.6 - Authenticated (Subscriber+) Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"a76a6800-61ae-47e8-9659-47c08535516d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a76a6800-61ae-47e8-9659-47c08535516d?source=api-prod","cve":"CVE-2026-32533","affectedVersions":"<=5.2.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/afec4c8c-a18d-4907-8879-2412f8a1abed/latepoint","title":"LatePoint <= 5.3.2 - Insecure Direct Object Reference to Unauthenticated Sensitive Financial Data Exposure via Sequential Invoice ID\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-16 15:19:09","sources":[{"name":"Wordfence","remoteId":"afec4c8c-a18d-4907-8879-2412f8a1abed"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/afec4c8c-a18d-4907-8879-2412f8a1abed?source=api-prod","cve":"CVE-2026-5234","affectedVersions":"<=5.3.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/b3ae93da-57ee-4966-83af-b8c57f9ad7d9/latepoint","title":"LatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.7 - Cross-Site Request Forgery in Booking Form Settings Update to Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-10 11:29:15","sources":[{"name":"Wordfence","remoteId":"b3ae93da-57ee-4966-83af-b8c57f9ad7d9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b3ae93da-57ee-4966-83af-b8c57f9ad7d9?source=api-prod","cve":"CVE-2026-2324","affectedVersions":"<=5.2.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/bac8c35b-2afa-4347-b86e-2f16db19a4d3/latepoint","title":"LatePoint <= 5.0.12 - Authentication Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"bac8c35b-2afa-4347-b86e-2f16db19a4d3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bac8c35b-2afa-4347-b86e-2f16db19a4d3?source=api-prod","cve":"CVE-2024-8943","affectedVersions":"<=5.0.12","severity":"critical"},{"advisoryId":"WPSECADV/WF/bd240932-ad50-40b3-94c7-6e885f96c5df/latepoint","title":"LatePoint <= 4.9.91 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"bd240932-ad50-40b3-94c7-6e885f96c5df"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bd240932-ad50-40b3-94c7-6e885f96c5df?source=api-prod","cve":"CVE-2024-43945","affectedVersions":"<=4.9.91","severity":"medium"},{"advisoryId":"WPSECADV/WF/bdaa32cd-a148-4554-9fd5-f5b0a5b2d1c3/latepoint","title":"LatePoint <= 5.5.0 - Unauthenticated Account Takeover via Weak Password Recovery Mechanism\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-08 14:16:05","sources":[{"name":"Wordfence","remoteId":"bdaa32cd-a148-4554-9fd5-f5b0a5b2d1c3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bdaa32cd-a148-4554-9fd5-f5b0a5b2d1c3?source=api-prod","cve":"CVE-2026-7652","affectedVersions":"<=5.5.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/c03ddcf0-6955-4645-b311-c3833ca61455/latepoint","title":"LatePoint <= 5.5.0 - Unauthenticated Stored Cross-Site Scripting via 'booking_form_page_url' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-05 18:41:45","sources":[{"name":"Wordfence","remoteId":"c03ddcf0-6955-4645-b311-c3833ca61455"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c03ddcf0-6955-4645-b311-c3833ca61455?source=api-prod","cve":"CVE-2026-7332","affectedVersions":"<=5.5.0","severity":"high"},{"advisoryId":"WPSECADV/WF/c05575ef-3140-4340-9b4b-1803a8045ce0/latepoint","title":"LatePoint <= 5.1.94 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-29 16:24:40","sources":[{"name":"Wordfence","remoteId":"c05575ef-3140-4340-9b4b-1803a8045ce0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c05575ef-3140-4340-9b4b-1803a8045ce0?source=api-prod","cve":"CVE-2025-6941","affectedVersions":"<=5.1.94","severity":"medium"},{"advisoryId":"WPSECADV/WF/c18ad885-52a8-467b-83f2-aeb0c8be8be0/latepoint","title":"LatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.6 - Missing Authorization to Booking Details Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-11 13:37:48","sources":[{"name":"Wordfence","remoteId":"c18ad885-52a8-467b-83f2-aeb0c8be8be0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c18ad885-52a8-467b-83f2-aeb0c8be8be0?source=api-prod","cve":"CVE-2026-1537","affectedVersions":"<=5.2.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/c958880e-6068-4e7d-a780-1251f3ab9bf7/latepoint","title":"LatePoint <= 5.2.7 - Authenticated (Agent+) Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-02 11:03:51","sources":[{"name":"Wordfence","remoteId":"c958880e-6068-4e7d-a780-1251f3ab9bf7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c958880e-6068-4e7d-a780-1251f3ab9bf7?source=api-prod","cve":"CVE-2026-1566","affectedVersions":"<=5.2.7","severity":"high"},{"advisoryId":"WPSECADV/WF/ca2b6f6e-4cc0-40ae-8969-c82c5a231f41/latepoint","title":"LatePoint <= 5.1.93 - Unauthenticated Local File Inclusion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"ca2b6f6e-4cc0-40ae-8969-c82c5a231f41"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ca2b6f6e-4cc0-40ae-8969-c82c5a231f41?source=api-prod","cve":"CVE-2025-6715","affectedVersions":"<=5.1.93","severity":"critical"},{"advisoryId":"WPSECADV/WF/d7389e17-a357-481a-8716-3a93cb6afa7c/latepoint","title":"LatePoint <= 5.1.94 - Unauthenticated Authentication Bypass via load_step Function\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-29 16:24:40","sources":[{"name":"Wordfence","remoteId":"d7389e17-a357-481a-8716-3a93cb6afa7c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d7389e17-a357-481a-8716-3a93cb6afa7c?source=api-prod","cve":"CVE-2025-7038","affectedVersions":"<=5.1.94","severity":"high"},{"advisoryId":"WPSECADV/WF/df8a8ce0-7258-40ae-bf73-f8c6185fdd16/latepoint","title":"LatePoint <= 5.1.94 - Cross-Site Request Forgery to Account Takeover via change_password() Function\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-29 16:24:40","sources":[{"name":"Wordfence","remoteId":"df8a8ce0-7258-40ae-bf73-f8c6185fdd16"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/df8a8ce0-7258-40ae-bf73-f8c6185fdd16?source=api-prod","cve":"CVE-2025-7052","affectedVersions":"<=5.1.94","severity":"high"},{"advisoryId":"WPSECADV/WF/e1bbd339-5eb7-4a62-9c68-bcd76507425c/latepoint","title":"LatePoint <= 5.2.7 - Authenticated (Administrator+) SQL Injection via JSON Import\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-02 11:25:27","sources":[{"name":"Wordfence","remoteId":"e1bbd339-5eb7-4a62-9c68-bcd76507425c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e1bbd339-5eb7-4a62-9c68-bcd76507425c?source=api-prod","cve":"CVE-2026-1487","affectedVersions":"<=5.2.7","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/1d641e9e-e690-48ff-a28b-f4068d372aab/latepoint","title":"LatePoint <= 4.9.91 - Authenticated (Subscriber+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"1d641e9e-e690-48ff-a28b-f4068d372aab"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1d641e9e-e690-48ff-a28b-f4068d372aab?source=api-prod","cve":"CVE-2024-43992","affectedVersions":"<=4.9.91","severity":"medium"},{"advisoryId":"WPSECADV/WF/1f7aa23c-ffa7-481b-8481-a36c7ed599d8/latepoint","title":"LatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.5 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-13 18:24:03","sources":[{"name":"Wordfence","remoteId":"1f7aa23c-ffa7-481b-8481-a36c7ed599d8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1f7aa23c-ffa7-481b-8481-a36c7ed599d8?source=api-prod","cve":"CVE-2025-14873","affectedVersions":"<=5.2.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/22bcfd36-ecf9-4d2c-ac94-94ffa0340c4c/latepoint","title":"LatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.5 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-02 18:30:30","sources":[{"name":"Wordfence","remoteId":"22bcfd36-ecf9-4d2c-ac94-94ffa0340c4c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/22bcfd36-ecf9-4d2c-ac94-94ffa0340c4c?source=api-prod","cve":"CVE-2026-0617","affectedVersions":"<=5.2.5","severity":"high"},{"advisoryId":"WPSECADV/WF/28e9c77c-5c36-4449-ab90-86f2385ba1ae/latepoint","title":"LatePoint <= 5.1.94 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-29 16:24:39","sources":[{"name":"Wordfence","remoteId":"28e9c77c-5c36-4449-ab90-86f2385ba1ae"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/28e9c77c-5c36-4449-ab90-86f2385ba1ae?source=api-prod","cve":"CVE-2025-6815","affectedVersions":"<=5.1.94","severity":"medium"},{"advisoryId":"WPSECADV/WF/4c437d0f-521a-431f-8c31-a73ff6e9367d/latepoint","title":"LatePoint – Calendar Booking Plugin for Appointments and Events <= 5.5.0 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"4c437d0f-521a-431f-8c31-a73ff6e9367d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4c437d0f-521a-431f-8c31-a73ff6e9367d?source=api-prod","cve":"CVE-2026-7448","affectedVersions":"<=5.5.0","severity":"high"},{"advisoryId":"WPSECADV/WF/55c5c094-69c0-4e2a-be0c-fab6f1039309/latepoint","title":"LatePoint <= 5.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-07 15:17:40","sources":[{"name":"Wordfence","remoteId":"55c5c094-69c0-4e2a-be0c-fab6f1039309"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/55c5c094-69c0-4e2a-be0c-fab6f1039309?source=api-prod","cve":"CVE-2026-4785","affectedVersions":"<=5.3.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/5c9a23a3-5eb5-4f5b-bf32-c9d163426f29/latepoint","title":"LatePoint <= 5.0.11 - Unauthenticated Arbitrary User Password Change via SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"5c9a23a3-5eb5-4f5b-bf32-c9d163426f29"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5c9a23a3-5eb5-4f5b-bf32-c9d163426f29?source=api-prod","cve":"CVE-2024-8911","affectedVersions":"<=5.0.11","severity":"critical"},{"advisoryId":"WPSECADV/WF/6215fa9f-06bc-4dc8-b1f5-a3bb75749f1d/latepoint","title":"LatePoint Plugin <= 4.9.9 - Missing Authorization and Sensitive Information Exposure via IDOR\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-13 21:00:45","sources":[{"name":"Wordfence","remoteId":"6215fa9f-06bc-4dc8-b1f5-a3bb75749f1d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6215fa9f-06bc-4dc8-b1f5-a3bb75749f1d?source=api-prod","cve":"CVE-2024-2472","affectedVersions":"<=4.9.9","severity":"critical"},{"advisoryId":"WPSECADV/WF/628b3f53-decd-47ac-a2d1-339ade1e6944/latepoint","title":"LatePoint <= 5.5.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Customer Cabinet Profile Update\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-05 18:29:59","sources":[{"name":"Wordfence","remoteId":"628b3f53-decd-47ac-a2d1-339ade1e6944"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/628b3f53-decd-47ac-a2d1-339ade1e6944?source=api-prod","cve":"CVE-2026-7457","affectedVersions":"<=5.5.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/71e99412-031e-4f4a-9126-dd3a37975246/latepoint","title":"LatePoint <= 5.4.1 - Authenticated (Agent+) Privilege Escalation to Administrator via 'connect-customer-to-wp-user' Ability\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-27 07:23:53","sources":[{"name":"Wordfence","remoteId":"71e99412-031e-4f4a-9126-dd3a37975246"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/71e99412-031e-4f4a-9126-dd3a37975246?source=api-prod","cve":"CVE-2026-6741","affectedVersions":"<=5.4.1","severity":"high"},{"advisoryId":"WPSECADV/WF/7e9acd26-c341-4ece-bcf1-102f953a4b4f/latepoint","title":"Latepoint <= 5.1.92 - Unauthenticated Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"7e9acd26-c341-4ece-bcf1-102f953a4b4f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7e9acd26-c341-4ece-bcf1-102f953a4b4f?source=api-prod","cve":"CVE-2025-3769","affectedVersions":"<=5.1.92","severity":"medium"},{"advisoryId":"WPSECADV/WF/9547c6e9-3dfc-442c-900d-111b1528aa5b/latepoint","title":"LatePoint <= 5.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"9547c6e9-3dfc-442c-900d-111b1528aa5b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9547c6e9-3dfc-442c-900d-111b1528aa5b?source=api-prod","cve":"CVE-2025-30836","affectedVersions":"<=5.1.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/a76a6800-61ae-47e8-9659-47c08535516d/latepoint","title":"LatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.6 - Authenticated (Subscriber+) Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"a76a6800-61ae-47e8-9659-47c08535516d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a76a6800-61ae-47e8-9659-47c08535516d?source=api-prod","cve":"CVE-2026-32533","affectedVersions":"<=5.2.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/afec4c8c-a18d-4907-8879-2412f8a1abed/latepoint","title":"LatePoint <= 5.3.2 - Insecure Direct Object Reference to Unauthenticated Sensitive Financial Data Exposure via Sequential Invoice ID\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-16 15:19:09","sources":[{"name":"Wordfence","remoteId":"afec4c8c-a18d-4907-8879-2412f8a1abed"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/afec4c8c-a18d-4907-8879-2412f8a1abed?source=api-prod","cve":"CVE-2026-5234","affectedVersions":"<=5.3.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/b3ae93da-57ee-4966-83af-b8c57f9ad7d9/latepoint","title":"LatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.7 - Cross-Site Request Forgery in Booking Form Settings Update to Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-10 11:29:15","sources":[{"name":"Wordfence","remoteId":"b3ae93da-57ee-4966-83af-b8c57f9ad7d9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b3ae93da-57ee-4966-83af-b8c57f9ad7d9?source=api-prod","cve":"CVE-2026-2324","affectedVersions":"<=5.2.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/bac8c35b-2afa-4347-b86e-2f16db19a4d3/latepoint","title":"LatePoint <= 5.0.12 - Authentication Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"bac8c35b-2afa-4347-b86e-2f16db19a4d3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bac8c35b-2afa-4347-b86e-2f16db19a4d3?source=api-prod","cve":"CVE-2024-8943","affectedVersions":"<=5.0.12","severity":"critical"},{"advisoryId":"WPSECADV/WF/bd240932-ad50-40b3-94c7-6e885f96c5df/latepoint","title":"LatePoint <= 4.9.91 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"bd240932-ad50-40b3-94c7-6e885f96c5df"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bd240932-ad50-40b3-94c7-6e885f96c5df?source=api-prod","cve":"CVE-2024-43945","affectedVersions":"<=4.9.91","severity":"medium"},{"advisoryId":"WPSECADV/WF/bdaa32cd-a148-4554-9fd5-f5b0a5b2d1c3/latepoint","title":"LatePoint <= 5.5.0 - Unauthenticated Account Takeover via Weak Password Recovery Mechanism\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-08 14:16:05","sources":[{"name":"Wordfence","remoteId":"bdaa32cd-a148-4554-9fd5-f5b0a5b2d1c3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bdaa32cd-a148-4554-9fd5-f5b0a5b2d1c3?source=api-prod","cve":"CVE-2026-7652","affectedVersions":"<=5.5.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/c03ddcf0-6955-4645-b311-c3833ca61455/latepoint","title":"LatePoint <= 5.5.0 - Unauthenticated Stored Cross-Site Scripting via 'booking_form_page_url' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-05 18:41:45","sources":[{"name":"Wordfence","remoteId":"c03ddcf0-6955-4645-b311-c3833ca61455"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c03ddcf0-6955-4645-b311-c3833ca61455?source=api-prod","cve":"CVE-2026-7332","affectedVersions":"<=5.5.0","severity":"high"},{"advisoryId":"WPSECADV/WF/c05575ef-3140-4340-9b4b-1803a8045ce0/latepoint","title":"LatePoint <= 5.1.94 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-29 16:24:40","sources":[{"name":"Wordfence","remoteId":"c05575ef-3140-4340-9b4b-1803a8045ce0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c05575ef-3140-4340-9b4b-1803a8045ce0?source=api-prod","cve":"CVE-2025-6941","affectedVersions":"<=5.1.94","severity":"medium"},{"advisoryId":"WPSECADV/WF/c18ad885-52a8-467b-83f2-aeb0c8be8be0/latepoint","title":"LatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.6 - Missing Authorization to Booking Details Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-11 13:37:48","sources":[{"name":"Wordfence","remoteId":"c18ad885-52a8-467b-83f2-aeb0c8be8be0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c18ad885-52a8-467b-83f2-aeb0c8be8be0?source=api-prod","cve":"CVE-2026-1537","affectedVersions":"<=5.2.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/c958880e-6068-4e7d-a780-1251f3ab9bf7/latepoint","title":"LatePoint <= 5.2.7 - Authenticated (Agent+) Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-02 11:03:51","sources":[{"name":"Wordfence","remoteId":"c958880e-6068-4e7d-a780-1251f3ab9bf7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c958880e-6068-4e7d-a780-1251f3ab9bf7?source=api-prod","cve":"CVE-2026-1566","affectedVersions":"<=5.2.7","severity":"high"},{"advisoryId":"WPSECADV/WF/ca2b6f6e-4cc0-40ae-8969-c82c5a231f41/latepoint","title":"LatePoint <= 5.1.93 - Unauthenticated Local File Inclusion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"ca2b6f6e-4cc0-40ae-8969-c82c5a231f41"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ca2b6f6e-4cc0-40ae-8969-c82c5a231f41?source=api-prod","cve":"CVE-2025-6715","affectedVersions":"<=5.1.93","severity":"critical"},{"advisoryId":"WPSECADV/WF/d7389e17-a357-481a-8716-3a93cb6afa7c/latepoint","title":"LatePoint <= 5.1.94 - Unauthenticated Authentication Bypass via load_step Function\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-29 16:24:40","sources":[{"name":"Wordfence","remoteId":"d7389e17-a357-481a-8716-3a93cb6afa7c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d7389e17-a357-481a-8716-3a93cb6afa7c?source=api-prod","cve":"CVE-2025-7038","affectedVersions":"<=5.1.94","severity":"high"},{"advisoryId":"WPSECADV/WF/df8a8ce0-7258-40ae-bf73-f8c6185fdd16/latepoint","title":"LatePoint <= 5.1.94 - Cross-Site Request Forgery to Account Takeover via change_password() Function\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-29 16:24:40","sources":[{"name":"Wordfence","remoteId":"df8a8ce0-7258-40ae-bf73-f8c6185fdd16"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/df8a8ce0-7258-40ae-bf73-f8c6185fdd16?source=api-prod","cve":"CVE-2025-7052","affectedVersions":"<=5.1.94","severity":"high"},{"advisoryId":"WPSECADV/WF/e1bbd339-5eb7-4a62-9c68-bcd76507425c/latepoint","title":"LatePoint <= 5.2.7 - Authenticated (Administrator+) SQL Injection via JSON Import\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-02 11:25:27","sources":[{"name":"Wordfence","remoteId":"e1bbd339-5eb7-4a62-9c68-bcd76507425c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e1bbd339-5eb7-4a62-9c68-bcd76507425c?source=api-prod","cve":"CVE-2026-1487","affectedVersions":"<=5.2.7","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_6d61737465722d736c69646572811c9dc5_gen.json b/internal/data/assets/plugin_6d61737465722d736c69646572811c9dc5_gen.json index 6d873d39..a1c7cb51 100644 --- a/internal/data/assets/plugin_6d61737465722d736c69646572811c9dc5_gen.json +++ b/internal/data/assets/plugin_6d61737465722d736c69646572811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/0ef6a03b-8373-42e6-a15c-b99b22f5cee0/master-slider","title":"Master Slider <= 3.10.7 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"0ef6a03b-8373-42e6-a15c-b99b22f5cee0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0ef6a03b-8373-42e6-a15c-b99b22f5cee0?source=api-prod","cve":"CVE-2025-39412","affectedVersions":"<=3.10.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/12dc6952-d7a8-46da-ba7b-e8816c9c7cbf/master-slider","title":"Master Slider <= 3.10.0 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-01-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"12dc6952-d7a8-46da-ba7b-e8816c9c7cbf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/12dc6952-d7a8-46da-ba7b-e8816c9c7cbf?source=api-prod","cve":"CVE-2024-12173","affectedVersions":"<=3.10.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/26a7fb51-f40d-46b8-9f52-495716032a1b/master-slider","title":"Master Slider – Responsive Touch Slider <= 3.10.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-04 21:15:33","sources":[{"name":"Wordfence","remoteId":"26a7fb51-f40d-46b8-9f52-495716032a1b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/26a7fb51-f40d-46b8-9f52-495716032a1b?source=api-prod","cve":"CVE-2024-13757","affectedVersions":"<=3.10.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/2d2fc926-6f9f-4ed9-9598-e39b5e6c6544/master-slider","title":"Master Slider - Responsive Touch Slider <= 3.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-31 00:00:00","sources":[{"name":"Wordfence","remoteId":"2d2fc926-6f9f-4ed9-9598-e39b5e6c6544"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2d2fc926-6f9f-4ed9-9598-e39b5e6c6544?source=api-prod","cve":"CVE-2023-6382","affectedVersions":"<=3.9.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/35ead2b5-8b50-40e1-9b4a-547d97f34c4e/master-slider","title":"Master Slider – Responsive Touch Slider <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-17 14:11:35","sources":[{"name":"Wordfence","remoteId":"35ead2b5-8b50-40e1-9b4a-547d97f34c4e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/35ead2b5-8b50-40e1-9b4a-547d97f34c4e?source=api-prod","cve":"CVE-2024-4375","affectedVersions":"<=3.9.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/5015cfe7-9e5c-4745-b6c3-60e4aa99672d/master-slider","title":"Master Slider <= 3.7.0 - Authenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2018-11-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"5015cfe7-9e5c-4745-b6c3-60e4aa99672d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5015cfe7-9e5c-4745-b6c3-60e4aa99672d?source=api-prod","cve":"CVE-2018-20368","affectedVersions":"<=3.7.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/5e0a7108-15ef-42d0-adce-fd5b0e6faf3c/master-slider","title":"Master Slider - Responsive Touch Slider <= 3.9.10 - Cross-Site Request Forgery via process_bulk_action\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"5e0a7108-15ef-42d0-adce-fd5b0e6faf3c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5e0a7108-15ef-42d0-adce-fd5b0e6faf3c?source=api-prod","cve":"CVE-2023-6326","affectedVersions":"<=3.9.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/9391474f-8cf8-4e8b-b3e6-39b397b7b6b6/master-slider","title":"Master Slider - Responsive Touch Slider <= 2.5.1 - Authenticated Blind SQL Injection\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2015-08-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"9391474f-8cf8-4e8b-b3e6-39b397b7b6b6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9391474f-8cf8-4e8b-b3e6-39b397b7b6b6?source=api-prod","affectedVersions":"<2.5.2","severity":"high"},{"advisoryId":"WPSECADV/WF/ac6e587c-59b2-4f93-ab88-5e548b52db45/master-slider","title":"Master Slider – Responsive Touch Slider <= 3.9.9 - Authenticated(Editor+) Stored Cross-Site Scripting via slider callback\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"ac6e587c-59b2-4f93-ab88-5e548b52db45"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ac6e587c-59b2-4f93-ab88-5e548b52db45?source=api-prod","cve":"CVE-2024-0611","affectedVersions":"<=3.9.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/ae8a316f-a9ad-451a-9892-cf5068072a78/master-slider","title":"Master Slider <= 2.7.1 - Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2016-07-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"ae8a316f-a9ad-451a-9892-cf5068072a78"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ae8a316f-a9ad-451a-9892-cf5068072a78?source=api-prod","affectedVersions":"<2.8.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/af9adb6b-f726-4b74-be5c-82fdab0ae1f2/master-slider","title":"Master Slider – Responsive Touch Slider <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"af9adb6b-f726-4b74-be5c-82fdab0ae1f2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/af9adb6b-f726-4b74-be5c-82fdab0ae1f2?source=api-prod","cve":"CVE-2024-1449","affectedVersions":"<=3.9.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/c1b93229-55ef-4216-8d48-35e8b6506c19/master-slider","title":"Master Slider <= 3.9.5 - Unauthenticated PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"c1b93229-55ef-4216-8d48-35e8b6506c19"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c1b93229-55ef-4216-8d48-35e8b6506c19?source=api-prod","cve":"CVE-2024-32600","affectedVersions":"<=3.9.5","severity":"critical"},{"advisoryId":"WPSECADV/WF/cc4d09e3-487a-4f12-818a-72ae9a6f33c0/master-slider","title":"Master Slider – Responsive Touch Slider <= 3.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"cc4d09e3-487a-4f12-818a-72ae9a6f33c0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cc4d09e3-487a-4f12-818a-72ae9a6f33c0?source=api-prod","cve":"CVE-2024-32580","affectedVersions":"<=3.9.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/cd59bee7-5de5-406d-8c1b-654306d68ab8/master-slider","title":"Master Slider – Responsive Touch Slider <= 3.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-20 17:59:21","sources":[{"name":"Wordfence","remoteId":"cd59bee7-5de5-406d-8c1b-654306d68ab8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cd59bee7-5de5-406d-8c1b-654306d68ab8?source=api-prod","cve":"CVE-2024-4470","affectedVersions":"<=3.9.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/ce37fbd2-8d41-4feb-adf6-7ca0ca54e27a/master-slider","title":"Master Slider <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via masterslider_pb and ms_slide Shortcodes\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-06-16 22:19:54","sources":[{"name":"Wordfence","remoteId":"ce37fbd2-8d41-4feb-adf6-7ca0ca54e27a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ce37fbd2-8d41-4feb-adf6-7ca0ca54e27a?source=api-prod","cve":"CVE-2025-5291","affectedVersions":"<=3.10.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/cebe27ca-ab29-48dd-bb3c-bcbe8573889b/master-slider","title":"Master Slider <= 3.11.0 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"cebe27ca-ab29-48dd-bb3c-bcbe8573889b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cebe27ca-ab29-48dd-bb3c-bcbe8573889b?source=api-prod","cve":"CVE-2025-58025","affectedVersions":"<=3.11.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/de20d896-1493-43ed-8e0c-c686bf2b32d6/master-slider","title":"Master Slider <= 3.10.0 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"de20d896-1493-43ed-8e0c-c686bf2b32d6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/de20d896-1493-43ed-8e0c-c686bf2b32d6?source=api-prod","cve":"CVE-2024-37222","affectedVersions":"<=3.10.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/f1dcafe1-bdba-4476-bcc7-ad844da38a01/master-slider","title":"Master Slider – Responsive Touch Slider <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_slider Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-04 21:15:20","sources":[{"name":"Wordfence","remoteId":"f1dcafe1-bdba-4476-bcc7-ad844da38a01"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f1dcafe1-bdba-4476-bcc7-ad844da38a01?source=api-prod","cve":"CVE-2024-11731","affectedVersions":"<=3.10.7","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/0ef6a03b-8373-42e6-a15c-b99b22f5cee0/master-slider","title":"Master Slider <= 3.11.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"0ef6a03b-8373-42e6-a15c-b99b22f5cee0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0ef6a03b-8373-42e6-a15c-b99b22f5cee0?source=api-prod","cve":"CVE-2025-39412","affectedVersions":"<=3.11.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/12dc6952-d7a8-46da-ba7b-e8816c9c7cbf/master-slider","title":"Master Slider <= 3.10.0 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-01-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"12dc6952-d7a8-46da-ba7b-e8816c9c7cbf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/12dc6952-d7a8-46da-ba7b-e8816c9c7cbf?source=api-prod","cve":"CVE-2024-12173","affectedVersions":"<=3.10.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/26a7fb51-f40d-46b8-9f52-495716032a1b/master-slider","title":"Master Slider – Responsive Touch Slider <= 3.10.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-04 21:15:33","sources":[{"name":"Wordfence","remoteId":"26a7fb51-f40d-46b8-9f52-495716032a1b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/26a7fb51-f40d-46b8-9f52-495716032a1b?source=api-prod","cve":"CVE-2024-13757","affectedVersions":"<=3.10.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/2d2fc926-6f9f-4ed9-9598-e39b5e6c6544/master-slider","title":"Master Slider - Responsive Touch Slider <= 3.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-31 00:00:00","sources":[{"name":"Wordfence","remoteId":"2d2fc926-6f9f-4ed9-9598-e39b5e6c6544"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2d2fc926-6f9f-4ed9-9598-e39b5e6c6544?source=api-prod","cve":"CVE-2023-6382","affectedVersions":"<=3.9.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/35ead2b5-8b50-40e1-9b4a-547d97f34c4e/master-slider","title":"Master Slider – Responsive Touch Slider <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-17 14:11:35","sources":[{"name":"Wordfence","remoteId":"35ead2b5-8b50-40e1-9b4a-547d97f34c4e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/35ead2b5-8b50-40e1-9b4a-547d97f34c4e?source=api-prod","cve":"CVE-2024-4375","affectedVersions":"<=3.9.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/5015cfe7-9e5c-4745-b6c3-60e4aa99672d/master-slider","title":"Master Slider <= 3.7.0 - Authenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2018-11-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"5015cfe7-9e5c-4745-b6c3-60e4aa99672d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5015cfe7-9e5c-4745-b6c3-60e4aa99672d?source=api-prod","cve":"CVE-2018-20368","affectedVersions":"<=3.7.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/5e0a7108-15ef-42d0-adce-fd5b0e6faf3c/master-slider","title":"Master Slider - Responsive Touch Slider <= 3.9.10 - Cross-Site Request Forgery via process_bulk_action\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"5e0a7108-15ef-42d0-adce-fd5b0e6faf3c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5e0a7108-15ef-42d0-adce-fd5b0e6faf3c?source=api-prod","cve":"CVE-2023-6326","affectedVersions":"<=3.9.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/9391474f-8cf8-4e8b-b3e6-39b397b7b6b6/master-slider","title":"Master Slider - Responsive Touch Slider <= 2.5.1 - Authenticated Blind SQL Injection\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2015-08-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"9391474f-8cf8-4e8b-b3e6-39b397b7b6b6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9391474f-8cf8-4e8b-b3e6-39b397b7b6b6?source=api-prod","affectedVersions":"<2.5.2","severity":"high"},{"advisoryId":"WPSECADV/WF/ac6e587c-59b2-4f93-ab88-5e548b52db45/master-slider","title":"Master Slider – Responsive Touch Slider <= 3.9.9 - Authenticated(Editor+) Stored Cross-Site Scripting via slider callback\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"ac6e587c-59b2-4f93-ab88-5e548b52db45"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ac6e587c-59b2-4f93-ab88-5e548b52db45?source=api-prod","cve":"CVE-2024-0611","affectedVersions":"<=3.9.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/ae8a316f-a9ad-451a-9892-cf5068072a78/master-slider","title":"Master Slider <= 2.7.1 - Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2016-07-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"ae8a316f-a9ad-451a-9892-cf5068072a78"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ae8a316f-a9ad-451a-9892-cf5068072a78?source=api-prod","affectedVersions":"<2.8.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/af9adb6b-f726-4b74-be5c-82fdab0ae1f2/master-slider","title":"Master Slider – Responsive Touch Slider <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"af9adb6b-f726-4b74-be5c-82fdab0ae1f2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/af9adb6b-f726-4b74-be5c-82fdab0ae1f2?source=api-prod","cve":"CVE-2024-1449","affectedVersions":"<=3.9.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/c1b93229-55ef-4216-8d48-35e8b6506c19/master-slider","title":"Master Slider <= 3.9.5 - Unauthenticated PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"c1b93229-55ef-4216-8d48-35e8b6506c19"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c1b93229-55ef-4216-8d48-35e8b6506c19?source=api-prod","cve":"CVE-2024-32600","affectedVersions":"<=3.9.5","severity":"critical"},{"advisoryId":"WPSECADV/WF/cc4d09e3-487a-4f12-818a-72ae9a6f33c0/master-slider","title":"Master Slider – Responsive Touch Slider <= 3.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"cc4d09e3-487a-4f12-818a-72ae9a6f33c0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cc4d09e3-487a-4f12-818a-72ae9a6f33c0?source=api-prod","cve":"CVE-2024-32580","affectedVersions":"<=3.9.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/cd59bee7-5de5-406d-8c1b-654306d68ab8/master-slider","title":"Master Slider – Responsive Touch Slider <= 3.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-20 17:59:21","sources":[{"name":"Wordfence","remoteId":"cd59bee7-5de5-406d-8c1b-654306d68ab8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cd59bee7-5de5-406d-8c1b-654306d68ab8?source=api-prod","cve":"CVE-2024-4470","affectedVersions":"<=3.9.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/ce37fbd2-8d41-4feb-adf6-7ca0ca54e27a/master-slider","title":"Master Slider <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via masterslider_pb and ms_slide Shortcodes\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-06-16 22:19:54","sources":[{"name":"Wordfence","remoteId":"ce37fbd2-8d41-4feb-adf6-7ca0ca54e27a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ce37fbd2-8d41-4feb-adf6-7ca0ca54e27a?source=api-prod","cve":"CVE-2025-5291","affectedVersions":"<=3.10.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/cebe27ca-ab29-48dd-bb3c-bcbe8573889b/master-slider","title":"Master Slider <= 3.11.1 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"cebe27ca-ab29-48dd-bb3c-bcbe8573889b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cebe27ca-ab29-48dd-bb3c-bcbe8573889b?source=api-prod","cve":"CVE-2025-58025","affectedVersions":"<=3.11.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/de20d896-1493-43ed-8e0c-c686bf2b32d6/master-slider","title":"Master Slider <= 3.10.0 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"de20d896-1493-43ed-8e0c-c686bf2b32d6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/de20d896-1493-43ed-8e0c-c686bf2b32d6?source=api-prod","cve":"CVE-2024-37222","affectedVersions":"<=3.10.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/f1dcafe1-bdba-4476-bcc7-ad844da38a01/master-slider","title":"Master Slider – Responsive Touch Slider <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_slider Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-04 21:15:20","sources":[{"name":"Wordfence","remoteId":"f1dcafe1-bdba-4476-bcc7-ad844da38a01"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f1dcafe1-bdba-4476-bcc7-ad844da38a01?source=api-prod","cve":"CVE-2024-11731","affectedVersions":"<=3.10.7","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_6d6f746976652d636f6d6d657263652d736561726368811c9dc5_gen.json b/internal/data/assets/plugin_6d6f746976652d636f6d6d657263652d736561726368811c9dc5_gen.json new file mode 100644 index 00000000..729c948e --- /dev/null +++ b/internal/data/assets/plugin_6d6f746976652d636f6d6d657263652d736561726368811c9dc5_gen.json @@ -0,0 +1 @@ +[{"advisoryId":"WPSECADV/WF/4d5d7c62-e420-4ef7-b6ac-4139536c222a/motive-commerce-search","title":"AI Product Search for WooCommerce – Motive Commerce Search <= 1.38.2 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"4d5d7c62-e420-4ef7-b6ac-4139536c222a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4d5d7c62-e420-4ef7-b6ac-4139536c222a?source=api-prod","cve":"CVE-2026-42664","affectedVersions":"<=1.38.2","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_6d6f746f72732d6361722d6465616c6572736869702d636c61737369666965642d6c697374696e6773811c9dc5_gen.json b/internal/data/assets/plugin_6d6f746f72732d6361722d6465616c6572736869702d636c61737369666965642d6c697374696e6773811c9dc5_gen.json index 315d39b9..f05c6af9 100644 --- a/internal/data/assets/plugin_6d6f746f72732d6361722d6465616c6572736869702d636c61737369666965642d6c697374696e6773811c9dc5_gen.json +++ b/internal/data/assets/plugin_6d6f746f72732d6361722d6465616c6572736869702d636c61737369666965642d6c697374696e6773811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/04fd2d7a-fa75-4b9d-9514-5c24ca5ebc22/motors-car-dealership-classified-listings","title":"Motors – Car Dealer, Classifieds & Listing <= 1.4.57 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Listing Template Creation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-21 14:06:43","sources":[{"name":"Wordfence","remoteId":"04fd2d7a-fa75-4b9d-9514-5c24ca5ebc22"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/04fd2d7a-fa75-4b9d-9514-5c24ca5ebc22?source=api-prod","cve":"CVE-2024-13737","affectedVersions":"<=1.4.57","severity":"medium"},{"advisoryId":"WPSECADV/WF/0ca9e920-3c7a-4991-8c24-2e55c4f4767c/motors-car-dealership-classified-listings","title":"Motors – Car Dealer & Classified Ads <= 1.4.5 - Cross-Site Request Forgery via Multiple Functions\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-04-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"0ca9e920-3c7a-4991-8c24-2e55c4f4767c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0ca9e920-3c7a-4991-8c24-2e55c4f4767c?source=api-prod","cve":"CVE-2022-38716","affectedVersions":"<=1.4.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/1638145c-2bc8-45d4-904e-b1aba124a0e3/motors-car-dealership-classified-listings","title":"Motors – Car Dealer, Classifieds & Listing <= 1.4.0 - Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-09-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"1638145c-2bc8-45d4-904e-b1aba124a0e3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1638145c-2bc8-45d4-904e-b1aba124a0e3?source=api-prod","cve":"CVE-2019-17229","affectedVersions":"<1.4.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/1f06b855-c1e1-4378-a340-9dda2919fb83/motors-car-dealership-classified-listings","title":"Motors – Car Dealer & Classified Ads <= 1.4.6 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-10-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"1f06b855-c1e1-4378-a340-9dda2919fb83"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1f06b855-c1e1-4378-a340-9dda2919fb83?source=api-prod","cve":"CVE-2023-46208","affectedVersions":"<=1.4.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/414636bc-3fab-41f9-9d4b-17ca1ac8a3df/motors-car-dealership-classified-listings","title":"Motors <= 1.4.71 - Unauthenticated Local File Inclusion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"414636bc-3fab-41f9-9d4b-17ca1ac8a3df"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/414636bc-3fab-41f9-9d4b-17ca1ac8a3df?source=api-prod","cve":"CVE-2025-32654","affectedVersions":"<=1.4.71","severity":"critical"},{"advisoryId":"WPSECADV/WF/427d2649-541b-4534-b1cc-0fde879c4f78/motors-car-dealership-classified-listings","title":"Motors <= 1.4.71 - Authenticated (Contributor+) Local File Inclusion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"427d2649-541b-4534-b1cc-0fde879c4f78"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/427d2649-541b-4534-b1cc-0fde879c4f78?source=api-prod","cve":"CVE-2025-32142","affectedVersions":"<=1.4.71","severity":"high"},{"advisoryId":"WPSECADV/WF/437423f0-978f-4c7c-9ec3-40668c630c93/motors-car-dealership-classified-listings","title":"Motors – Car Dealer & Classified Ads <= 1.4.6 - Server Side Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-10-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"437423f0-978f-4c7c-9ec3-40668c630c93"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/437423f0-978f-4c7c-9ec3-40668c630c93?source=api-prod","cve":"CVE-2023-46207","affectedVersions":"<=1.4.6","severity":"high"},{"advisoryId":"WPSECADV/WF/570bca1e-78d0-49e8-8919-eba19f9457b9/motors-car-dealership-classified-listings","title":"Motors Car Dealer & Classified Ads <= 1.4.0 - Unauthenticated Settings Import/Export\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-09-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"570bca1e-78d0-49e8-8919-eba19f9457b9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/570bca1e-78d0-49e8-8919-eba19f9457b9?source=api-prod","cve":"CVE-2019-17228","affectedVersions":"<1.4.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/60693832-ff40-4173-95d9-822630e3403e/motors-car-dealership-classified-listings","title":"Motors – Car Dealership & Classified Listings Plugin < 1.4.107 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"60693832-ff40-4173-95d9-822630e3403e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/60693832-ff40-4173-95d9-822630e3403e?source=api-prod","cve":"CVE-2026-39515","affectedVersions":"<1.4.107","severity":"medium"},{"advisoryId":"WPSECADV/WF/62731e0e-8843-4f79-b887-c595fbefae26/motors-car-dealership-classified-listings","title":"Motors – Car Dealer, Classifieds & Listing <= 1.4.9 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-07-01 18:52:36","sources":[{"name":"Wordfence","remoteId":"62731e0e-8843-4f79-b887-c595fbefae26"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/62731e0e-8843-4f79-b887-c595fbefae26?source=api-prod","cve":"CVE-2024-5545","affectedVersions":"<=1.4.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/733f7666-468a-455c-a953-3d8946940f13/motors-car-dealership-classified-listings","title":"Motors – Car Dealership & Classified Listings Plugin <= 1.4.64 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-07 20:33:10","sources":[{"name":"Wordfence","remoteId":"733f7666-468a-455c-a953-3d8946940f13"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/733f7666-468a-455c-a953-3d8946940f13?source=api-prod","cve":"CVE-2025-2807","affectedVersions":"<=1.4.64","severity":"high"},{"advisoryId":"WPSECADV/WF/90e420be-fe6e-4a35-9c06-f0d360c9f9bf/motors-car-dealership-classified-listings","title":"Motors – Car Dealership & Classified Listings Plugin <= 1.4.63 - Authenticated (Subscriber+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"90e420be-fe6e-4a35-9c06-f0d360c9f9bf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/90e420be-fe6e-4a35-9c06-f0d360c9f9bf?source=api-prod","cve":"CVE-2025-2808","affectedVersions":"<=1.4.63","severity":"medium"},{"advisoryId":"WPSECADV/WF/cb334b74-5561-4ac7-b321-397600e26d06/motors-car-dealership-classified-listings","title":"Motors – Car Dealer, Classifieds & Listing <= 1.4.3 - Unauthenticated Arbitrary File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"cb334b74-5561-4ac7-b321-397600e26d06"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cb334b74-5561-4ac7-b321-397600e26d06?source=api-prod","cve":"CVE-2022-3989","affectedVersions":"<=1.4.3","severity":"critical"},{"advisoryId":"WPSECADV/WF/d0af6050-8602-4ed3-b017-c10aa023849b/motors-car-dealership-classified-listings","title":"Motors – Car Dealership & Classified Listings Plugin <= 1.4.66 - Missing Authorization to Authenticated (Subscriber+) Wizard Set-up\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"d0af6050-8602-4ed3-b017-c10aa023849b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d0af6050-8602-4ed3-b017-c10aa023849b?source=api-prod","cve":"CVE-2025-3437","affectedVersions":"<=1.4.66","severity":"medium"},{"advisoryId":"WPSECADV/WF/e6066890-75b9-468d-9f67-78e93f58dcc1/motors-car-dealership-classified-listings","title":"Motors – Car Dealership & Classified Listings Plugin <= 1.4.89 - Authenticated (Subscriber+) Arbitrary File Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-07 14:44:40","sources":[{"name":"Wordfence","remoteId":"e6066890-75b9-468d-9f67-78e93f58dcc1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e6066890-75b9-468d-9f67-78e93f58dcc1?source=api-prod","cve":"CVE-2025-10494","affectedVersions":"<=1.4.89","severity":"high"},{"advisoryId":"WPSECADV/WF/f693b48b-9b16-44cc-aded-ded979a3541c/motors-car-dealership-classified-listings","title":"Motors <= 1.4.80 - Unauthenticated Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"f693b48b-9b16-44cc-aded-ded979a3541c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f693b48b-9b16-44cc-aded-ded979a3541c?source=api-prod","cve":"CVE-2025-54691","affectedVersions":"<=1.4.80","severity":"medium"},{"advisoryId":"WPSECADV/WF/fc58c679-3e87-4bcc-b1bc-718ae52c291a/motors-car-dealership-classified-listings","title":"Motors – Car Dealer, Classifieds & Listing <= 1.4.43 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Custom Title\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-01-15 11:56:38","sources":[{"name":"Wordfence","remoteId":"fc58c679-3e87-4bcc-b1bc-718ae52c291a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fc58c679-3e87-4bcc-b1bc-718ae52c291a?source=api-prod","cve":"CVE-2024-10970","affectedVersions":"<=1.4.43","severity":"medium"},{"advisoryId":"WPSECADV/WF/fd47e990-b48f-486e-87ac-2bb68d440ba8/motors-car-dealership-classified-listings","title":"Motors <= 1.4.71 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"fd47e990-b48f-486e-87ac-2bb68d440ba8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fd47e990-b48f-486e-87ac-2bb68d440ba8?source=api-prod","cve":"CVE-2025-32170","affectedVersions":"<=1.4.71","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/04fd2d7a-fa75-4b9d-9514-5c24ca5ebc22/motors-car-dealership-classified-listings","title":"Motors – Car Dealer, Classifieds & Listing <= 1.4.57 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Listing Template Creation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-21 14:06:43","sources":[{"name":"Wordfence","remoteId":"04fd2d7a-fa75-4b9d-9514-5c24ca5ebc22"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/04fd2d7a-fa75-4b9d-9514-5c24ca5ebc22?source=api-prod","cve":"CVE-2024-13737","affectedVersions":"<=1.4.57","severity":"medium"},{"advisoryId":"WPSECADV/WF/0ca9e920-3c7a-4991-8c24-2e55c4f4767c/motors-car-dealership-classified-listings","title":"Motors – Car Dealer & Classified Ads <= 1.4.5 - Cross-Site Request Forgery via Multiple Functions\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-04-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"0ca9e920-3c7a-4991-8c24-2e55c4f4767c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0ca9e920-3c7a-4991-8c24-2e55c4f4767c?source=api-prod","cve":"CVE-2022-38716","affectedVersions":"<=1.4.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/1638145c-2bc8-45d4-904e-b1aba124a0e3/motors-car-dealership-classified-listings","title":"Motors – Car Dealer, Classifieds & Listing <= 1.4.0 - Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-09-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"1638145c-2bc8-45d4-904e-b1aba124a0e3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1638145c-2bc8-45d4-904e-b1aba124a0e3?source=api-prod","cve":"CVE-2019-17229","affectedVersions":"<1.4.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/1f06b855-c1e1-4378-a340-9dda2919fb83/motors-car-dealership-classified-listings","title":"Motors – Car Dealer & Classified Ads <= 1.4.6 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-10-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"1f06b855-c1e1-4378-a340-9dda2919fb83"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1f06b855-c1e1-4378-a340-9dda2919fb83?source=api-prod","cve":"CVE-2023-46208","affectedVersions":"<=1.4.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/34062e9a-48c2-4676-ab7d-b6334f248e8a/motors-car-dealership-classified-listings","title":"Motors – Car Dealership & Classified Listings Plugin <= 1.4.103 - Missing Authorization to Authenticated (Subscriber+) Payment Bypass via 'stm_payment_status' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-11 19:56:14","sources":[{"name":"Wordfence","remoteId":"34062e9a-48c2-4676-ab7d-b6334f248e8a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/34062e9a-48c2-4676-ab7d-b6334f248e8a?source=api-prod","cve":"CVE-2026-1934","affectedVersions":"<=1.4.103","severity":"medium"},{"advisoryId":"WPSECADV/WF/414636bc-3fab-41f9-9d4b-17ca1ac8a3df/motors-car-dealership-classified-listings","title":"Motors <= 1.4.71 - Unauthenticated Local File Inclusion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"414636bc-3fab-41f9-9d4b-17ca1ac8a3df"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/414636bc-3fab-41f9-9d4b-17ca1ac8a3df?source=api-prod","cve":"CVE-2025-32654","affectedVersions":"<=1.4.71","severity":"critical"},{"advisoryId":"WPSECADV/WF/427d2649-541b-4534-b1cc-0fde879c4f78/motors-car-dealership-classified-listings","title":"Motors <= 1.4.71 - Authenticated (Contributor+) Local File Inclusion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"427d2649-541b-4534-b1cc-0fde879c4f78"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/427d2649-541b-4534-b1cc-0fde879c4f78?source=api-prod","cve":"CVE-2025-32142","affectedVersions":"<=1.4.71","severity":"high"},{"advisoryId":"WPSECADV/WF/437423f0-978f-4c7c-9ec3-40668c630c93/motors-car-dealership-classified-listings","title":"Motors – Car Dealer & Classified Ads <= 1.4.6 - Server Side Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-10-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"437423f0-978f-4c7c-9ec3-40668c630c93"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/437423f0-978f-4c7c-9ec3-40668c630c93?source=api-prod","cve":"CVE-2023-46207","affectedVersions":"<=1.4.6","severity":"high"},{"advisoryId":"WPSECADV/WF/570bca1e-78d0-49e8-8919-eba19f9457b9/motors-car-dealership-classified-listings","title":"Motors Car Dealer & Classified Ads <= 1.4.0 - Unauthenticated Settings Import/Export\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-09-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"570bca1e-78d0-49e8-8919-eba19f9457b9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/570bca1e-78d0-49e8-8919-eba19f9457b9?source=api-prod","cve":"CVE-2019-17228","affectedVersions":"<1.4.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/60693832-ff40-4173-95d9-822630e3403e/motors-car-dealership-classified-listings","title":"Motors – Car Dealership & Classified Listings Plugin < 1.4.107 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"60693832-ff40-4173-95d9-822630e3403e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/60693832-ff40-4173-95d9-822630e3403e?source=api-prod","cve":"CVE-2026-39515","affectedVersions":"<1.4.107","severity":"medium"},{"advisoryId":"WPSECADV/WF/62731e0e-8843-4f79-b887-c595fbefae26/motors-car-dealership-classified-listings","title":"Motors – Car Dealer, Classifieds & Listing <= 1.4.9 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-07-01 18:52:36","sources":[{"name":"Wordfence","remoteId":"62731e0e-8843-4f79-b887-c595fbefae26"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/62731e0e-8843-4f79-b887-c595fbefae26?source=api-prod","cve":"CVE-2024-5545","affectedVersions":"<=1.4.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/733f7666-468a-455c-a953-3d8946940f13/motors-car-dealership-classified-listings","title":"Motors – Car Dealership & Classified Listings Plugin <= 1.4.64 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-07 20:33:10","sources":[{"name":"Wordfence","remoteId":"733f7666-468a-455c-a953-3d8946940f13"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/733f7666-468a-455c-a953-3d8946940f13?source=api-prod","cve":"CVE-2025-2807","affectedVersions":"<=1.4.64","severity":"high"},{"advisoryId":"WPSECADV/WF/90e420be-fe6e-4a35-9c06-f0d360c9f9bf/motors-car-dealership-classified-listings","title":"Motors – Car Dealership & Classified Listings Plugin <= 1.4.63 - Authenticated (Subscriber+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"90e420be-fe6e-4a35-9c06-f0d360c9f9bf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/90e420be-fe6e-4a35-9c06-f0d360c9f9bf?source=api-prod","cve":"CVE-2025-2808","affectedVersions":"<=1.4.63","severity":"medium"},{"advisoryId":"WPSECADV/WF/cb334b74-5561-4ac7-b321-397600e26d06/motors-car-dealership-classified-listings","title":"Motors – Car Dealer, Classifieds & Listing <= 1.4.3 - Unauthenticated Arbitrary File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"cb334b74-5561-4ac7-b321-397600e26d06"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cb334b74-5561-4ac7-b321-397600e26d06?source=api-prod","cve":"CVE-2022-3989","affectedVersions":"<=1.4.3","severity":"critical"},{"advisoryId":"WPSECADV/WF/d0af6050-8602-4ed3-b017-c10aa023849b/motors-car-dealership-classified-listings","title":"Motors – Car Dealership & Classified Listings Plugin <= 1.4.66 - Missing Authorization to Authenticated (Subscriber+) Wizard Set-up\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"d0af6050-8602-4ed3-b017-c10aa023849b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d0af6050-8602-4ed3-b017-c10aa023849b?source=api-prod","cve":"CVE-2025-3437","affectedVersions":"<=1.4.66","severity":"medium"},{"advisoryId":"WPSECADV/WF/e6066890-75b9-468d-9f67-78e93f58dcc1/motors-car-dealership-classified-listings","title":"Motors – Car Dealership & Classified Listings Plugin <= 1.4.89 - Authenticated (Subscriber+) Arbitrary File Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-07 14:44:40","sources":[{"name":"Wordfence","remoteId":"e6066890-75b9-468d-9f67-78e93f58dcc1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e6066890-75b9-468d-9f67-78e93f58dcc1?source=api-prod","cve":"CVE-2025-10494","affectedVersions":"<=1.4.89","severity":"high"},{"advisoryId":"WPSECADV/WF/f693b48b-9b16-44cc-aded-ded979a3541c/motors-car-dealership-classified-listings","title":"Motors <= 1.4.80 - Unauthenticated Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"f693b48b-9b16-44cc-aded-ded979a3541c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f693b48b-9b16-44cc-aded-ded979a3541c?source=api-prod","cve":"CVE-2025-54691","affectedVersions":"<=1.4.80","severity":"medium"},{"advisoryId":"WPSECADV/WF/fc58c679-3e87-4bcc-b1bc-718ae52c291a/motors-car-dealership-classified-listings","title":"Motors – Car Dealer, Classifieds & Listing <= 1.4.43 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Custom Title\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-01-15 11:56:38","sources":[{"name":"Wordfence","remoteId":"fc58c679-3e87-4bcc-b1bc-718ae52c291a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fc58c679-3e87-4bcc-b1bc-718ae52c291a?source=api-prod","cve":"CVE-2024-10970","affectedVersions":"<=1.4.43","severity":"medium"},{"advisoryId":"WPSECADV/WF/fd47e990-b48f-486e-87ac-2bb68d440ba8/motors-car-dealership-classified-listings","title":"Motors <= 1.4.71 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"fd47e990-b48f-486e-87ac-2bb68d440ba8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fd47e990-b48f-486e-87ac-2bb68d440ba8?source=api-prod","cve":"CVE-2025-32170","affectedVersions":"<=1.4.71","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_6e6f74696669636174696f6e2d666f722d74656c656772616d811c9dc5_gen.json b/internal/data/assets/plugin_6e6f74696669636174696f6e2d666f722d74656c656772616d811c9dc5_gen.json index 1538ae17..ada50fc3 100644 --- a/internal/data/assets/plugin_6e6f74696669636174696f6e2d666f722d74656c656772616d811c9dc5_gen.json +++ b/internal/data/assets/plugin_6e6f74696669636174696f6e2d666f722d74656c656772616d811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/5219ef67-7a99-49da-810b-bbfe7b649145/notification-for-telegram","title":"Notification for Telegram <= 3.5 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"5219ef67-7a99-49da-810b-bbfe7b649145"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5219ef67-7a99-49da-810b-bbfe7b649145?source=api-prod","cve":"CVE-2026-40732","affectedVersions":"<=3.5","severity":"high"},{"advisoryId":"WPSECADV/WF/8305175b-2e61-49e3-847b-580a52a5c666/notification-for-telegram","title":"Notification for Telegram <= 3.4.7 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"8305175b-2e61-49e3-847b-580a52a5c666"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8305175b-2e61-49e3-847b-580a52a5c666?source=api-prod","cve":"CVE-2025-62993","affectedVersions":"<=3.4.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/abaebd3b-69ab-4e9b-a528-c9d846e62238/notification-for-telegram","title":"Notification for Telegram <= 3.3.1 - Missing Authorization to Authenticated (Subscriber+) Send Telegram Test Message\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"abaebd3b-69ab-4e9b-a528-c9d846e62238"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/abaebd3b-69ab-4e9b-a528-c9d846e62238?source=api-prod","cve":"CVE-2024-9685","affectedVersions":"<=3.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/e9dea663-c3ee-4dda-85c1-5cec970adfba/notification-for-telegram","title":"Notification for Telegram <= 3.4.6 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"e9dea663-c3ee-4dda-85c1-5cec970adfba"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e9dea663-c3ee-4dda-85c1-5cec970adfba?source=api-prod","cve":"CVE-2025-58794","affectedVersions":"<=3.4.6","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/5219ef67-7a99-49da-810b-bbfe7b649145/notification-for-telegram","title":"Notification for Telegram <= 3.5 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"5219ef67-7a99-49da-810b-bbfe7b649145"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5219ef67-7a99-49da-810b-bbfe7b649145?source=api-prod","cve":"CVE-2026-40732","affectedVersions":"<=3.5","severity":"high"},{"advisoryId":"WPSECADV/WF/8305175b-2e61-49e3-847b-580a52a5c666/notification-for-telegram","title":"Notification for Telegram <= 3.5.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"8305175b-2e61-49e3-847b-580a52a5c666"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8305175b-2e61-49e3-847b-580a52a5c666?source=api-prod","cve":"CVE-2025-62993","affectedVersions":"<=3.5.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/abaebd3b-69ab-4e9b-a528-c9d846e62238/notification-for-telegram","title":"Notification for Telegram <= 3.3.1 - Missing Authorization to Authenticated (Subscriber+) Send Telegram Test Message\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"abaebd3b-69ab-4e9b-a528-c9d846e62238"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/abaebd3b-69ab-4e9b-a528-c9d846e62238?source=api-prod","cve":"CVE-2024-9685","affectedVersions":"<=3.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/e9dea663-c3ee-4dda-85c1-5cec970adfba/notification-for-telegram","title":"Notification for Telegram <= 3.5.1 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"e9dea663-c3ee-4dda-85c1-5cec970adfba"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e9dea663-c3ee-4dda-85c1-5cec970adfba?source=api-prod","cve":"CVE-2025-58794","affectedVersions":"<=3.5.1","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_7064662d706f73746572811c9dc5_gen.json b/internal/data/assets/plugin_7064662d706f73746572811c9dc5_gen.json index 765d92b1..41651624 100644 --- a/internal/data/assets/plugin_7064662d706f73746572811c9dc5_gen.json +++ b/internal/data/assets/plugin_7064662d706f73746572811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/341516d3-b785-4daf-98de-76f4f94b8c96/pdf-poster","title":"PDF Poster - PDF Embedder Plugin for WordPress <= 2.1.17 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"341516d3-b785-4daf-98de-76f4f94b8c96"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/341516d3-b785-4daf-98de-76f4f94b8c96?source=api-prod","cve":"CVE-2024-23508","affectedVersions":"<=2.1.17","severity":"medium"},{"advisoryId":"WPSECADV/WF/66988357-af1a-4763-b814-9092b86e51ef/pdf-poster","title":"PDF Poster <= 2.4.0 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"66988357-af1a-4763-b814-9092b86e51ef"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/66988357-af1a-4763-b814-9092b86e51ef?source=api-prod","cve":"CVE-2026-32416","affectedVersions":"<=2.4.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/8ce7aa01-7e79-4048-a84d-fcb9541d5f8b/pdf-poster","title":"PDF.js < 4.2.67 - Arbitrary JavaScript Execution\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"8ce7aa01-7e79-4048-a84d-fcb9541d5f8b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8ce7aa01-7e79-4048-a84d-fcb9541d5f8b?source=api-prod","cve":"CVE-2024-4367","affectedVersions":"<=2.1.21","severity":"medium"},{"advisoryId":"WPSECADV/WF/d694491c-c0f5-4418-805a-db792ea4f712/pdf-poster","title":"Freemius <= 2.10.1 - Reflected DOM-Based Cross-Site Scripting via url Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-30 17:17:30","sources":[{"name":"Wordfence","remoteId":"d694491c-c0f5-4418-805a-db792ea4f712"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d694491c-c0f5-4418-805a-db792ea4f712?source=api-prod","cve":"CVE-2024-13362","affectedVersions":"<=2.2.0","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/341516d3-b785-4daf-98de-76f4f94b8c96/pdf-poster","title":"PDF Poster - PDF Embedder Plugin for WordPress <= 2.1.17 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"341516d3-b785-4daf-98de-76f4f94b8c96"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/341516d3-b785-4daf-98de-76f4f94b8c96?source=api-prod","cve":"CVE-2024-23508","affectedVersions":"<=2.1.17","severity":"medium"},{"advisoryId":"WPSECADV/WF/66988357-af1a-4763-b814-9092b86e51ef/pdf-poster","title":"PDF Poster <= 2.4.0 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"66988357-af1a-4763-b814-9092b86e51ef"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/66988357-af1a-4763-b814-9092b86e51ef?source=api-prod","cve":"CVE-2026-32416","affectedVersions":"<=2.4.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/8ce7aa01-7e79-4048-a84d-fcb9541d5f8b/pdf-poster","title":"PDF.js < 4.2.67 - Arbitrary JavaScript Execution\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"8ce7aa01-7e79-4048-a84d-fcb9541d5f8b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8ce7aa01-7e79-4048-a84d-fcb9541d5f8b?source=api-prod","cve":"CVE-2024-4367","affectedVersions":"<=2.1.21","severity":"medium"},{"advisoryId":"WPSECADV/WF/bcf7af0d-6df8-4f90-a244-f942f678434f/pdf-poster","title":"PDF Poster – Display PDF Files with Custom Viewer <= 2.4.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"bcf7af0d-6df8-4f90-a244-f942f678434f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bcf7af0d-6df8-4f90-a244-f942f678434f?source=api-prod","cve":"CVE-2026-27416","affectedVersions":"<=2.4.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/d694491c-c0f5-4418-805a-db792ea4f712/pdf-poster","title":"Freemius <= 2.10.1 - Reflected DOM-Based Cross-Site Scripting via url Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-30 17:17:30","sources":[{"name":"Wordfence","remoteId":"d694491c-c0f5-4418-805a-db792ea4f712"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d694491c-c0f5-4418-805a-db792ea4f712?source=api-prod","cve":"CVE-2024-13362","affectedVersions":"<=2.2.0","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_726f79616c2d656c656d656e746f722d6164646f6e73811c9dc5_gen.json b/internal/data/assets/plugin_726f79616c2d656c656d656e746f722d6164646f6e73811c9dc5_gen.json index a03a9c6e..5a5f7277 100644 --- a/internal/data/assets/plugin_726f79616c2d656c656d656e746f722d6164646f6e73811c9dc5_gen.json +++ b/internal/data/assets/plugin_726f79616c2d656c656d656e746f722d6164646f6e73811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/0a941aef-85f6-4719-b6ab-ace77a03e93e/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Activation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"0a941aef-85f6-4719-b6ab-ace77a03e93e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0a941aef-85f6-4719-b6ab-ace77a03e93e?source=api-prod","cve":"CVE-2022-4705","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/0c7a23b2-0d42-4e35-94aa-4cd6e25d8a9b/royal-elementor-addons","title":"Royal Elementor Addons <= 1.7.1056 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-31 00:00:00","sources":[{"name":"Wordfence","remoteId":"0c7a23b2-0d42-4e35-94aa-4cd6e25d8a9b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0c7a23b2-0d42-4e35-94aa-4cd6e25d8a9b?source=api-prod","cve":"CVE-2026-40763","affectedVersions":"<=1.7.1056","severity":"medium"},{"advisoryId":"WPSECADV/WF/16d083bc-d726-4291-bc6d-a7bf83fa78c3/royal-elementor-addons","title":"Royal Addons for Elementor <= 1.7.1056 - Authenticated (Contributor+) Stored Cross-Site Scripting via Instagram Feed Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-16 13:10:11","sources":[{"name":"Wordfence","remoteId":"16d083bc-d726-4291-bc6d-a7bf83fa78c3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/16d083bc-d726-4291-bc6d-a7bf83fa78c3?source=api-prod","cve":"CVE-2026-5162","affectedVersions":"<=1.7.1056","severity":"medium"},{"advisoryId":"WPSECADV/WF/201ff7b6-d72a-43c3-a7b1-c4f917c9d27f/royal-elementor-addons","title":"Royal Elementor Addons <= 1.7.1028 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Multiple Widgets\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-06-25 20:58:34","sources":[{"name":"Wordfence","remoteId":"201ff7b6-d72a-43c3-a7b1-c4f917c9d27f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/201ff7b6-d72a-43c3-a7b1-c4f917c9d27f?source=api-prod","cve":"CVE-2025-5338","affectedVersions":"<=1.7.1028","severity":"medium"},{"advisoryId":"WPSECADV/WF/256b4818-290b-4660-8e83-c18b068a8959/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.87 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"256b4818-290b-4660-8e83-c18b068a8959"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/256b4818-290b-4660-8e83-c18b068a8959?source=api-prod","cve":"CVE-2024-0442","affectedVersions":"<=1.3.87","severity":"medium"},{"advisoryId":"WPSECADV/WF/2626db42-0047-4801-bbcb-e236440c1677/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.93 - Unauthenticated IP Spoofing\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"2626db42-0047-4801-bbcb-e236440c1677"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2626db42-0047-4801-bbcb-e236440c1677?source=api-prod","cve":"CVE-2024-32786","affectedVersions":"<=1.3.93","severity":"medium"},{"advisoryId":"WPSECADV/WF/2d4225a6-4aae-49a5-93e1-8dcc9a77e089/royal-elementor-addons","title":"Royal Elementor Addons <= 1.7.1049 - Authenticated (Contributor+) Stored Cross-Site Scripting via REST API Meta Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-03 19:31:46","sources":[{"name":"Wordfence","remoteId":"2d4225a6-4aae-49a5-93e1-8dcc9a77e089"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2d4225a6-4aae-49a5-93e1-8dcc9a77e089?source=api-prod","cve":"CVE-2026-0664","affectedVersions":"<=1.7.1049","severity":"medium"},{"advisoryId":"WPSECADV/WF/2ecec7d7-d1b2-4ccf-ade6-1f78224968c6/royal-elementor-addons","title":"Royal Addons for Elementor <= 1.7.1056 - Missing Authorization to Unauthenticated Form Action Meta Modification\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-01 20:11:49","sources":[{"name":"Wordfence","remoteId":"2ecec7d7-d1b2-4ccf-ade6-1f78224968c6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2ecec7d7-d1b2-4ccf-ade6-1f78224968c6?source=api-prod","cve":"CVE-2026-4024","affectedVersions":"<=1.7.1056","severity":"medium"},{"advisoryId":"WPSECADV/WF/30a89e75-2ab1-4e65-8646-b100efed5dbd/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.980 - Authenticated (Author+) External Entity Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"30a89e75-2ab1-4e65-8646-b100efed5dbd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/30a89e75-2ab1-4e65-8646-b100efed5dbd?source=api-prod","cve":"CVE-2024-50442","affectedVersions":"<=1.3.980","severity":"medium"},{"advisoryId":"WPSECADV/WF/337cbec1-c8a8-41b5-8c32-779be671120f/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.971 - Authenticated (Contributor+) Stored Cross-Site Scripting via Flip Carousel, Flip Box, Post Grid, and Taxonomy List Widget Attributes\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"337cbec1-c8a8-41b5-8c32-779be671120f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/337cbec1-c8a8-41b5-8c32-779be671120f?source=api-prod","cve":"CVE-2024-3675","affectedVersions":"<=1.3.971","severity":"medium"},{"advisoryId":"WPSECADV/WF/37223d1f-82c8-414f-bf39-63e728541aa3/royal-elementor-addons","title":"Royal Elementor Addons and Template <= 1.7.1001 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Google Maps Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"37223d1f-82c8-414f-bf39-63e728541aa3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/37223d1f-82c8-414f-bf39-63e728541aa3?source=api-prod","cve":"CVE-2024-9059","affectedVersions":"<=1.7.1001","severity":"medium"},{"advisoryId":"WPSECADV/WF/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42/royal-elementor-addons","title":"Freemius SDK <= 2.4.2 - Missing Authorization Checks\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-03-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"39fb0499-9ab4-4a2f-b0db-ece86bcf4d42"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42?source=api-prod","cve":"CVE-2022-4974","affectedVersions":"<1.3.33","severity":"medium"},{"advisoryId":"WPSECADV/WF/3ba3cf12-facb-479b-8077-fd279c40607e/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.80 - Missing Authorization to Private/Password Protected Post Read\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"3ba3cf12-facb-479b-8077-fd279c40607e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3ba3cf12-facb-479b-8077-fd279c40607e?source=api-prod","cve":"CVE-2023-5922","affectedVersions":"<=1.3.80","severity":"medium"},{"advisoryId":"WPSECADV/WF/3d3516e7-cce4-4def-be38-d16be3110d59/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via remove_from_wishlist\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"3d3516e7-cce4-4def-be38-d16be3110d59"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3d3516e7-cce4-4def-be38-d16be3110d59?source=api-prod","cve":"CVE-2024-0513","affectedVersions":"<=1.3.87","severity":"medium"},{"advisoryId":"WPSECADV/WF/3dc3b715-23eb-4cb9-8f44-1d3134c560ec/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.55 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"3dc3b715-23eb-4cb9-8f44-1d3134c560ec"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3dc3b715-23eb-4cb9-8f44-1d3134c560ec?source=api-prod","cve":"CVE-2022-4102","affectedVersions":"<=1.3.55","severity":"high"},{"advisoryId":"WPSECADV/WF/3edfc4af-2a28-4bdf-becf-018d9f656947/royal-elementor-addons","title":"Royal Addons for Elementor <= 1.7.1049 - Authenticated (Author+) Arbitrary File Upload via main.php Upload Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-10 15:36:21","sources":[{"name":"Wordfence","remoteId":"3edfc4af-2a28-4bdf-becf-018d9f656947"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3edfc4af-2a28-4bdf-becf-018d9f656947?source=api-prod","cve":"CVE-2025-13067","affectedVersions":"<=1.7.1049","severity":"high"},{"advisoryId":"WPSECADV/WF/40ca3778-95ff-4b2c-ac47-4ae8c86e245a/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.971 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML Tags\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"40ca3778-95ff-4b2c-ac47-4ae8c86e245a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/40ca3778-95ff-4b2c-ac47-4ae8c86e245a?source=api-prod","cve":"CVE-2024-2799","affectedVersions":"<=1.3.971","severity":"medium"},{"advisoryId":"WPSECADV/WF/4529464e-6830-4c2a-8146-79cf5fc1bc7c/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.982 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"4529464e-6830-4c2a-8146-79cf5fc1bc7c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4529464e-6830-4c2a-8146-79cf5fc1bc7c?source=api-prod","cve":"CVE-2024-44001","affectedVersions":"<=1.3.982","severity":"medium"},{"advisoryId":"WPSECADV/WF/4809d513-69e8-4572-9549-9dba9f40cb80/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.75 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-08-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"4809d513-69e8-4572-9549-9dba9f40cb80"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4809d513-69e8-4572-9549-9dba9f40cb80?source=api-prod","cve":"CVE-2022-47175","affectedVersions":"<=1.3.75","severity":"medium"},{"advisoryId":"WPSECADV/WF/4a7ef5a0-f6c8-41e1-bb3b-119a682be69f/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1003 - Authenticated (Contributor+) Post Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"4a7ef5a0-f6c8-41e1-bb3b-119a682be69f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4a7ef5a0-f6c8-41e1-bb3b-119a682be69f?source=api-prod","cve":"CVE-2024-10798","affectedVersions":"<=1.7.1003","severity":"medium"},{"advisoryId":"WPSECADV/WF/4d565196-592d-415c-b37c-e54456aa9ed8/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.975 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-31 17:22:35","sources":[{"name":"Wordfence","remoteId":"4d565196-592d-415c-b37c-e54456aa9ed8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4d565196-592d-415c-b37c-e54456aa9ed8?source=api-prod","cve":"CVE-2024-4342","affectedVersions":"<=1.3.975","severity":"medium"},{"advisoryId":"WPSECADV/WF/50518a54-16d8-4467-beca-a6b8196ed9b9/royal-elementor-addons","title":"Royal Elementor Addons <= 1.7.1006 - Authenticated (Admin+) Server Side Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"50518a54-16d8-4467-beca-a6b8196ed9b9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/50518a54-16d8-4467-beca-a6b8196ed9b9?source=api-prod","cve":"CVE-2025-26990","affectedVersions":"<=1.7.1006","severity":"medium"},{"advisoryId":"WPSECADV/WF/5122800d-f274-4129-84d4-02380269502c/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.974 - Authenticated (Contributor+) Stored Cross-Site Scripting via Form Builder Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"5122800d-f274-4129-84d4-02380269502c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5122800d-f274-4129-84d4-02380269502c?source=api-prod","cve":"CVE-2024-3887","affectedVersions":"<=1.3.974","severity":"medium"},{"advisoryId":"WPSECADV/WF/5253fe2b-040b-417c-b257-0cb59ee5aa6e/royal-elementor-addons","title":"Freemius SDK <= 2.5.9 - Reflected Cross-Site Scripting via fs_request_get\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"5253fe2b-040b-417c-b257-0cb59ee5aa6e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5253fe2b-040b-417c-b257-0cb59ee5aa6e?source=api-prod","cve":"CVE-2023-33999","affectedVersions":">=1.3,<=1.3.70","severity":"medium"},{"advisoryId":"WPSECADV/WF/55db7d81-7ffb-49da-b64e-23e892bddc57/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Cross-Site Request Forgery to Menu Template creation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"55db7d81-7ffb-49da-b64e-23e892bddc57"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/55db7d81-7ffb-49da-b64e-23e892bddc57?source=api-prod","cve":"CVE-2022-4707","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/55f7e39b-e7a5-462b-b1e4-c3d92038f17e/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Plugin Activation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"55f7e39b-e7a5-462b-b1e4-c3d92038f17e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/55f7e39b-e7a5-462b-b1e4-c3d92038f17e?source=api-prod","cve":"CVE-2022-4701","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/5666e2b7-acb3-4abb-ac2a-1575206435cf/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1012 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"5666e2b7-acb3-4abb-ac2a-1575206435cf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5666e2b7-acb3-4abb-ac2a-1575206435cf?source=api-prod","cve":"CVE-2025-1455","affectedVersions":"<=1.7.1012","severity":"medium"},{"advisoryId":"WPSECADV/WF/57bf222b-5f49-46e2-be84-3e6444807096/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.976 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Uploads\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"57bf222b-5f49-46e2-be84-3e6444807096"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/57bf222b-5f49-46e2-be84-3e6444807096?source=api-prod","cve":"CVE-2024-4489","affectedVersions":"<=1.3.976","severity":"medium"},{"advisoryId":"WPSECADV/WF/5ccece54-18fa-42e4-ba1a-d0879b73d66d/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.986 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Member Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"5ccece54-18fa-42e4-ba1a-d0879b73d66d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5ccece54-18fa-42e4-ba1a-d0879b73d66d?source=api-prod","cve":"CVE-2024-8482","affectedVersions":"<=1.3.986","severity":"medium"},{"advisoryId":"WPSECADV/WF/5ee7b4d8-c397-41f6-981f-9a010e4ab2f1/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1017 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"5ee7b4d8-c397-41f6-981f-9a010e4ab2f1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5ee7b4d8-c397-41f6-981f-9a010e4ab2f1?source=api-prod","cve":"CVE-2024-12120","affectedVersions":"<=1.7.1017","severity":"medium"},{"advisoryId":"WPSECADV/WF/62a5c796-1c14-4cb1-9f21-340b40e418df/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Import Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"62a5c796-1c14-4cb1-9f21-340b40e418df"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/62a5c796-1c14-4cb1-9f21-340b40e418df?source=api-prod","cve":"CVE-2022-4703","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/64cce528-0ad0-45ec-a8f6-e8791b0bece0/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Import\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"64cce528-0ad0-45ec-a8f6-e8791b0bece0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/64cce528-0ad0-45ec-a8f6-e8791b0bece0?source=api-prod","cve":"CVE-2022-4704","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/68c6e428-b9cf-442f-a896-a8ceb4b9be0e/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1012 - Authenticated DOM-Based (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"68c6e428-b9cf-442f-a896-a8ceb4b9be0e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/68c6e428-b9cf-442f-a896-a8ceb4b9be0e?source=api-prod","cve":"CVE-2025-1456","affectedVersions":"<=1.7.1012","severity":"medium"},{"advisoryId":"WPSECADV/WF/6aa3d312-485a-4a93-a075-fa7152395f11/royal-elementor-addons","title":"Royal Elementor Addons <=1.3.55 - Authenticated (Subscriber+) Arbitrary Post Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"6aa3d312-485a-4a93-a075-fa7152395f11"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6aa3d312-485a-4a93-a075-fa7152395f11?source=api-prod","cve":"CVE-2022-4102","affectedVersions":"<=1.3.55","severity":"high"},{"advisoryId":"WPSECADV/WF/6bc6a436-6df3-4eaf-a16b-d8b3c3ca7d87/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1007 - Cross-Site Request Forgery to Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-02-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"6bc6a436-6df3-4eaf-a16b-d8b3c3ca7d87"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6bc6a436-6df3-4eaf-a16b-d8b3c3ca7d87?source=api-prod","cve":"CVE-2025-1441","affectedVersions":"<=1.7.1007","severity":"medium"},{"advisoryId":"WPSECADV/WF/70582781-9de5-4124-bde4-d3d26724e9b3/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.971 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"70582781-9de5-4124-bde4-d3d26724e9b3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/70582781-9de5-4124-bde4-d3d26724e9b3?source=api-prod","cve":"CVE-2024-2798","affectedVersions":"<=1.3.971","severity":"medium"},{"advisoryId":"WPSECADV/WF/7a04705d-cd17-4b4b-b04d-de55d6479dab/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.94 - Unauthenticated Limited File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"7a04705d-cd17-4b4b-b04d-de55d6479dab"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7a04705d-cd17-4b4b-b04d-de55d6479dab?source=api-prod","cve":"CVE-2024-1567","affectedVersions":"<=1.3.94","severity":"high"},{"advisoryId":"WPSECADV/WF/83a0150d-a9fa-4cc2-8fe8-a429747a9964/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.980 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Magazine Grid/Slider Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-07-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"83a0150d-a9fa-4cc2-8fe8-a429747a9964"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/83a0150d-a9fa-4cc2-8fe8-a429747a9964?source=api-prod","cve":"CVE-2024-5818","affectedVersions":"<=1.3.980","severity":"medium"},{"advisoryId":"WPSECADV/WF/83ea2ec3-5d5b-44ea-83e6-41c4fa6e2e5f/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.971 - Authenticated (Contributor+) Stored Cross-Site Scripting via Advanced Accordion Title Tags\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"83ea2ec3-5d5b-44ea-83e6-41c4fa6e2e5f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/83ea2ec3-5d5b-44ea-83e6-41c4fa6e2e5f?source=api-prod","cve":"CVE-2024-3889","affectedVersions":"<=1.3.971","severity":"medium"},{"advisoryId":"WPSECADV/WF/8619c999-5cf7-4888-bdb2-815238411303/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.91 - Authenticated (Contributor+) Stored Cross-Site Scripting via Logo Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"8619c999-5cf7-4888-bdb2-815238411303"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8619c999-5cf7-4888-bdb2-815238411303?source=api-prod","cve":"CVE-2024-1500","affectedVersions":"<=1.3.91","severity":"medium"},{"advisoryId":"WPSECADV/WF/86c9bcf1-c69e-47ca-b74b-8ce6157f520b/royal-elementor-addons","title":"Royal Elementor Addons <=1.3.70 - Unauthenticated MailChimp API Key Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"86c9bcf1-c69e-47ca-b74b-8ce6157f520b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/86c9bcf1-c69e-47ca-b74b-8ce6157f520b?source=api-prod","cve":"CVE-2023-3709","affectedVersions":"<=1.3.70","severity":"medium"},{"advisoryId":"WPSECADV/WF/9744055a-b199-4945-afcc-4f5b85f5f1e8/royal-elementor-addons","title":"Royal Addons for Elementor <= 1.7.1057 - Authenticated (Contributor+) Server-Side Request Forgery via CSV URL Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"9744055a-b199-4945-afcc-4f5b85f5f1e8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9744055a-b199-4945-afcc-4f5b85f5f1e8?source=api-prod","cve":"CVE-2026-6229","affectedVersions":"<=1.7.1057","severity":"high"},{"advisoryId":"WPSECADV/WF/9e860c60-b330-4a6c-8d15-947451af62fc/royal-elementor-addons","title":"Royal Elementor Addons <= 1.7.1001 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-12-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"9e860c60-b330-4a6c-8d15-947451af62fc"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9e860c60-b330-4a6c-8d15-947451af62fc?source=api-prod","cve":"CVE-2024-56226","affectedVersions":"<=1.7.1001","severity":"medium"},{"advisoryId":"WPSECADV/WF/a4178271-c09e-4094-a616-5a00d28f39a3/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via remove_from_compare\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"a4178271-c09e-4094-a616-5a00d28f39a3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a4178271-c09e-4094-a616-5a00d28f39a3?source=api-prod","cve":"CVE-2024-0515","affectedVersions":"<=1.3.87","severity":"medium"},{"advisoryId":"WPSECADV/WF/a4b353bf-f9be-465a-8723-9ea721b5baab/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.987 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-12-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"a4b353bf-f9be-465a-8723-9ea721b5baab"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a4b353bf-f9be-465a-8723-9ea721b5baab?source=api-prod","cve":"CVE-2024-56062","affectedVersions":"<=1.3.987","severity":"medium"},{"advisoryId":"WPSECADV/WF/a720b38c-37f0-4edf-9868-de3a105551ee/royal-elementor-addons","title":"Royal Elementor Addons <= 1.7.1017 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"a720b38c-37f0-4edf-9868-de3a105551ee"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a720b38c-37f0-4edf-9868-de3a105551ee?source=api-prod","cve":"CVE-2025-39361","affectedVersions":"<=1.7.1017","severity":"medium"},{"advisoryId":"WPSECADV/WF/a8e34c05-7431-4acd-91f3-aab5e66f61ad/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1006 - Cross-Site Request Forgery to Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-01-13 19:52:46","sources":[{"name":"Wordfence","remoteId":"a8e34c05-7431-4acd-91f3-aab5e66f61ad"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a8e34c05-7431-4acd-91f3-aab5e66f61ad?source=api-prod","cve":"CVE-2025-0393","affectedVersions":"<=1.7.1006","severity":"medium"},{"advisoryId":"WPSECADV/WF/a8e39f0b-eb4c-4568-9f5a-60a0dc3eb6ba/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1001 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"a8e39f0b-eb4c-4568-9f5a-60a0dc3eb6ba"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a8e39f0b-eb4c-4568-9f5a-60a0dc3eb6ba?source=api-prod","cve":"CVE-2024-9668","affectedVersions":"<=1.7.1001","severity":"medium"},{"advisoryId":"WPSECADV/WF/a9d95af5-96da-4259-98c6-e2c4c574a896/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.78 - Unauthenticated Arbitrary File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-10-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"a9d95af5-96da-4259-98c6-e2c4c574a896"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a9d95af5-96da-4259-98c6-e2c4c574a896?source=api-prod","cve":"CVE-2023-5360","affectedVersions":"<=1.3.78","severity":"critical"},{"advisoryId":"WPSECADV/WF/ac6c6ce4-9944-4c8e-89aa-6a2e870ef205/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"ac6c6ce4-9944-4c8e-89aa-6a2e870ef205"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ac6c6ce4-9944-4c8e-89aa-6a2e870ef205?source=api-prod","cve":"CVE-2022-4710","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/acaa3142-2bbc-43d3-8ecc-05e8edb931ec/royal-elementor-addons","title":"Multiple Plugins and Themes <= (Various Versions) - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via lightGallery JavaScript Library\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"acaa3142-2bbc-43d3-8ecc-05e8edb931ec"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/acaa3142-2bbc-43d3-8ecc-05e8edb931ec?source=api-prod","cve":"CVE-2025-5092","affectedVersions":"<=1.7.1031","severity":"medium"},{"advisoryId":"WPSECADV/WF/b0955689-43a0-442c-974b-5db5e4171f6a/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via add_to_compare\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"b0955689-43a0-442c-974b-5db5e4171f6a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b0955689-43a0-442c-974b-5db5e4171f6a?source=api-prod","cve":"CVE-2024-0514","affectedVersions":"<=1.3.87","severity":"medium"},{"advisoryId":"WPSECADV/WF/b2ff2954-f494-4cd7-9f29-ee0e8551e339/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via add_to_wishlist\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"b2ff2954-f494-4cd7-9f29-ee0e8551e339"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b2ff2954-f494-4cd7-9f29-ee0e8551e339?source=api-prod","cve":"CVE-2024-0512","affectedVersions":"<=1.3.87","severity":"medium"},{"advisoryId":"WPSECADV/WF/b3e12653-ddfe-4e02-9d9e-0263b9f71def/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Conditions Modification\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"b3e12653-ddfe-4e02-9d9e-0263b9f71def"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b3e12653-ddfe-4e02-9d9e-0263b9f71def?source=api-prod","cve":"CVE-2022-4708","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/b957eb0d-882d-4646-ad84-9c64f957be14/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1020 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"b957eb0d-882d-4646-ad84-9c64f957be14"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b957eb0d-882d-4646-ad84-9c64f957be14?source=api-prod","cve":"CVE-2025-3813","affectedVersions":"<=1.7.1020","severity":"medium"},{"advisoryId":"WPSECADV/WF/ba7b8fe5-aa49-4a70-89c9-1b95a30b1142/royal-elementor-addons","title":"Royal Addons for Elementor <= 1.7.1056 - Authenticated (Author+) Stored Cross-Site Scripting via Image Caption Field\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-23 16:35:20","sources":[{"name":"Wordfence","remoteId":"ba7b8fe5-aa49-4a70-89c9-1b95a30b1142"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ba7b8fe5-aa49-4a70-89c9-1b95a30b1142?source=api-prod","cve":"CVE-2026-5428","affectedVersions":"<=1.7.1056","severity":"medium"},{"advisoryId":"WPSECADV/WF/bc2e883b-fb91-425c-a779-89a34eed2ba8/royal-elementor-addons","title":"Royal Elementor Addons <=1.3.55 - Missing Authorization to Subscriber+ Arbitrary Post Creation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"bc2e883b-fb91-425c-a779-89a34eed2ba8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bc2e883b-fb91-425c-a779-89a34eed2ba8?source=api-prod","cve":"CVE-2022-4103","affectedVersions":"<=1.3.55","severity":"medium"},{"advisoryId":"WPSECADV/WF/bd90b85e-22a9-4c08-b2cf-4f75406e7ca3/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1001 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Form Builder Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"bd90b85e-22a9-4c08-b2cf-4f75406e7ca3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bd90b85e-22a9-4c08-b2cf-4f75406e7ca3?source=api-prod","cve":"CVE-2024-9682","affectedVersions":"<=1.7.1001","severity":"medium"},{"advisoryId":"WPSECADV/WF/bdd4022f-b038-4351-9798-77e7c24f1173/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.977 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"bdd4022f-b038-4351-9798-77e7c24f1173"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bdd4022f-b038-4351-9798-77e7c24f1173?source=api-prod","cve":"CVE-2025-39543","affectedVersions":"<=1.3.977","severity":"medium"},{"advisoryId":"WPSECADV/WF/be6db702-43bc-4d1f-a222-d323c70c6bb3/royal-elementor-addons","title":"Royal Addons for Elementor – Addons and Templates Kit for Elementor <= 1.7.1052 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"be6db702-43bc-4d1f-a222-d323c70c6bb3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/be6db702-43bc-4d1f-a222-d323c70c6bb3?source=api-prod","cve":"CVE-2026-28135","affectedVersions":"<=1.7.1052","severity":"medium"},{"advisoryId":"WPSECADV/WF/c23e9810-40ea-43e2-9292-f05f300a7ddf/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Menu Settings Update\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"c23e9810-40ea-43e2-9292-f05f300a7ddf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c23e9810-40ea-43e2-9292-f05f300a7ddf?source=api-prod","cve":"CVE-2022-4711","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/c3dfb0b7-5d9f-492b-9a1a-d4445d39c00c/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.986 - Authenticated (Subscriber+) Private Post Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"c3dfb0b7-5d9f-492b-9a1a-d4445d39c00c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c3dfb0b7-5d9f-492b-9a1a-d4445d39c00c?source=api-prod","cve":"CVE-2024-7417","affectedVersions":"<=1.3.986","severity":"medium"},{"advisoryId":"WPSECADV/WF/c3e47d14-4c00-4b10-9e4d-7f1d7946a2b4/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.93 - Authenticated (Contributor+) Stored Cross-Site Scriting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"c3e47d14-4c00-4b10-9e4d-7f1d7946a2b4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c3e47d14-4c00-4b10-9e4d-7f1d7946a2b4?source=api-prod","cve":"CVE-2024-31236","affectedVersions":"<=1.3.93","severity":"medium"},{"advisoryId":"WPSECADV/WF/c4192a7f-b962-46f9-a524-7271ed6f4917/royal-elementor-addons","title":"Royal Addons for Elementor – Addons and Templates Kit for Elementor <= 1.7.1049 - Missing Authorization to Unauthenticated Custom Post Type Contents Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-16 15:17:51","sources":[{"name":"Wordfence","remoteId":"c4192a7f-b962-46f9-a524-7271ed6f4917"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c4192a7f-b962-46f9-a524-7271ed6f4917?source=api-prod","cve":"CVE-2026-2373","affectedVersions":"<=1.7.1049","severity":"medium"},{"advisoryId":"WPSECADV/WF/c91a14d3-bc41-4490-888c-486ad2994095/royal-elementor-addons","title":"Royal Addons for Elementor <= 1.7.1056 - Unauthenticated Stored Cross-Site Scripting via 'status' Parameter in wpr_update_form_action_meta\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-04 14:32:14","sources":[{"name":"Wordfence","remoteId":"c91a14d3-bc41-4490-888c-486ad2994095"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c91a14d3-bc41-4490-888c-486ad2994095?source=api-prod","cve":"CVE-2026-4803","affectedVersions":"<=1.7.1056","severity":"high"},{"advisoryId":"WPSECADV/WF/cb0ac434-7e85-44d4-b21e-df462f63cd9c/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.976 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"cb0ac434-7e85-44d4-b21e-df462f63cd9c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cb0ac434-7e85-44d4-b21e-df462f63cd9c?source=api-prod","cve":"CVE-2024-4488","affectedVersions":"<=1.3.976","severity":"medium"},{"advisoryId":"WPSECADV/WF/cb47b6cc-87e4-4d29-bbc7-6d7552bc3943/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Plugin Deactivation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"cb47b6cc-87e4-4d29-bbc7-6d7552bc3943"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cb47b6cc-87e4-4d29-bbc7-6d7552bc3943?source=api-prod","cve":"CVE-2022-4702","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/cca7bb88-4a2c-4406-8610-15ce6e77c31f/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.975 - Authenticated (Contributor+) Stored Cross-Site Scripting via Back to Top Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-31 17:38:07","sources":[{"name":"Wordfence","remoteId":"cca7bb88-4a2c-4406-8610-15ce6e77c31f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cca7bb88-4a2c-4406-8610-15ce6e77c31f?source=api-prod","cve":"CVE-2024-4087","affectedVersions":"<=1.3.975","severity":"medium"},{"advisoryId":"WPSECADV/WF/cdc37da4-9de6-467b-a168-e3fa29baa06b/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1036 - Missing Authorization to Unauthenticated Media File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"cdc37da4-9de6-467b-a168-e3fa29baa06b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cdc37da4-9de6-467b-a168-e3fa29baa06b?source=api-prod","cve":"CVE-2025-11363","affectedVersions":"<=1.7.1036","severity":"medium"},{"advisoryId":"WPSECADV/WF/cdd464ad-24bc-4922-8bfa-ac42fbe60b52/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Theme Activation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"cdd464ad-24bc-4922-8bfa-ac42fbe60b52"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cdd464ad-24bc-4922-8bfa-ac42fbe60b52?source=api-prod","cve":"CVE-2022-4700","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/d2031289-eaf3-4a1b-8771-769c08d99ca3/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.55 - Cross-Site Request Forgery\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"d2031289-eaf3-4a1b-8771-769c08d99ca3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d2031289-eaf3-4a1b-8771-769c08d99ca3?source=api-prod","affectedVersions":"<=1.3.55","severity":"high"},{"advisoryId":"WPSECADV/WF/d3457b87-c860-4cf2-ac3d-2c6521b629ea/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.87 - Missing Authorization via wpr_update_form_action_meta\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"d3457b87-c860-4cf2-ac3d-2c6521b629ea"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d3457b87-c860-4cf2-ac3d-2c6521b629ea?source=api-prod","cve":"CVE-2024-0516","affectedVersions":"<=1.3.87","severity":"medium"},{"advisoryId":"WPSECADV/WF/dc8bef03-51e0-4448-bddd-85300104e875/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via wpr_update_form_action_meta\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"dc8bef03-51e0-4448-bddd-85300104e875"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/dc8bef03-51e0-4448-bddd-85300104e875?source=api-prod","cve":"CVE-2024-0511","affectedVersions":"<=1.3.87","severity":"medium"},{"advisoryId":"WPSECADV/WF/ead108c4-ac09-42ea-95c5-e95dc514f1cb/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1036 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-18 15:19:11","sources":[{"name":"Wordfence","remoteId":"ead108c4-ac09-42ea-95c5-e95dc514f1cb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ead108c4-ac09-42ea-95c5-e95dc514f1cb?source=api-prod","cve":"CVE-2025-6251","affectedVersions":"<=1.7.1036","severity":"medium"},{"advisoryId":"WPSECADV/WF/ee96d8c5-baf0-4c5c-9ace-e88bbb95ee0a/royal-elementor-addons","title":"Royal Addons for Elementor <= 1.7.1056 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Follow Button Text' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-04 14:53:29","sources":[{"name":"Wordfence","remoteId":"ee96d8c5-baf0-4c5c-9ace-e88bbb95ee0a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ee96d8c5-baf0-4c5c-9ace-e88bbb95ee0a?source=api-prod","cve":"CVE-2026-5159","affectedVersions":"<=1.7.1056","severity":"medium"},{"advisoryId":"WPSECADV/WF/f7f9b1ef-2efc-4d88-bff8-e0dd711b85ab/royal-elementor-addons","title":"Royal Elementor Addons <= 1.7.1001 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-12-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"f7f9b1ef-2efc-4d88-bff8-e0dd711b85ab"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f7f9b1ef-2efc-4d88-bff8-e0dd711b85ab?source=api-prod","cve":"CVE-2024-56227","affectedVersions":"<=1.7.1001","severity":"medium"},{"advisoryId":"WPSECADV/WF/fa530112-a7cd-4c54-aa87-9e7337d01557/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Kit Import\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"fa530112-a7cd-4c54-aa87-9e7337d01557"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fa530112-a7cd-4c54-aa87-9e7337d01557?source=api-prod","cve":"CVE-2022-4709","affectedVersions":"<=1.3.59","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/0a941aef-85f6-4719-b6ab-ace77a03e93e/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Activation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"0a941aef-85f6-4719-b6ab-ace77a03e93e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0a941aef-85f6-4719-b6ab-ace77a03e93e?source=api-prod","cve":"CVE-2022-4705","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/0c7a23b2-0d42-4e35-94aa-4cd6e25d8a9b/royal-elementor-addons","title":"Royal Elementor Addons <= 1.7.1056 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-31 00:00:00","sources":[{"name":"Wordfence","remoteId":"0c7a23b2-0d42-4e35-94aa-4cd6e25d8a9b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0c7a23b2-0d42-4e35-94aa-4cd6e25d8a9b?source=api-prod","cve":"CVE-2026-40763","affectedVersions":"<=1.7.1056","severity":"medium"},{"advisoryId":"WPSECADV/WF/16d083bc-d726-4291-bc6d-a7bf83fa78c3/royal-elementor-addons","title":"Royal Addons for Elementor <= 1.7.1056 - Authenticated (Contributor+) Stored Cross-Site Scripting via Instagram Feed Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-16 13:10:11","sources":[{"name":"Wordfence","remoteId":"16d083bc-d726-4291-bc6d-a7bf83fa78c3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/16d083bc-d726-4291-bc6d-a7bf83fa78c3?source=api-prod","cve":"CVE-2026-5162","affectedVersions":"<=1.7.1056","severity":"medium"},{"advisoryId":"WPSECADV/WF/201ff7b6-d72a-43c3-a7b1-c4f917c9d27f/royal-elementor-addons","title":"Royal Elementor Addons <= 1.7.1028 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Multiple Widgets\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-06-25 20:58:34","sources":[{"name":"Wordfence","remoteId":"201ff7b6-d72a-43c3-a7b1-c4f917c9d27f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/201ff7b6-d72a-43c3-a7b1-c4f917c9d27f?source=api-prod","cve":"CVE-2025-5338","affectedVersions":"<=1.7.1028","severity":"medium"},{"advisoryId":"WPSECADV/WF/256b4818-290b-4660-8e83-c18b068a8959/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.87 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"256b4818-290b-4660-8e83-c18b068a8959"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/256b4818-290b-4660-8e83-c18b068a8959?source=api-prod","cve":"CVE-2024-0442","affectedVersions":"<=1.3.87","severity":"medium"},{"advisoryId":"WPSECADV/WF/2626db42-0047-4801-bbcb-e236440c1677/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.93 - Unauthenticated IP Spoofing\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"2626db42-0047-4801-bbcb-e236440c1677"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2626db42-0047-4801-bbcb-e236440c1677?source=api-prod","cve":"CVE-2024-32786","affectedVersions":"<=1.3.93","severity":"medium"},{"advisoryId":"WPSECADV/WF/2bbfbbd4-9055-4ede-8a51-d49e000aa4f9/royal-elementor-addons","title":"Royal Addons for Elementor – Addons and Templates Kit for Elementor < 1.7.1053 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"2bbfbbd4-9055-4ede-8a51-d49e000aa4f9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2bbfbbd4-9055-4ede-8a51-d49e000aa4f9?source=api-prod","cve":"CVE-2026-25436","affectedVersions":"<1.7.1053","severity":"medium"},{"advisoryId":"WPSECADV/WF/2d4225a6-4aae-49a5-93e1-8dcc9a77e089/royal-elementor-addons","title":"Royal Elementor Addons <= 1.7.1049 - Authenticated (Contributor+) Stored Cross-Site Scripting via REST API Meta Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-03 19:31:46","sources":[{"name":"Wordfence","remoteId":"2d4225a6-4aae-49a5-93e1-8dcc9a77e089"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2d4225a6-4aae-49a5-93e1-8dcc9a77e089?source=api-prod","cve":"CVE-2026-0664","affectedVersions":"<=1.7.1049","severity":"medium"},{"advisoryId":"WPSECADV/WF/2ecec7d7-d1b2-4ccf-ade6-1f78224968c6/royal-elementor-addons","title":"Royal Addons for Elementor <= 1.7.1056 - Missing Authorization to Unauthenticated Form Action Meta Modification\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-01 20:11:49","sources":[{"name":"Wordfence","remoteId":"2ecec7d7-d1b2-4ccf-ade6-1f78224968c6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2ecec7d7-d1b2-4ccf-ade6-1f78224968c6?source=api-prod","cve":"CVE-2026-4024","affectedVersions":"<=1.7.1056","severity":"medium"},{"advisoryId":"WPSECADV/WF/30a89e75-2ab1-4e65-8646-b100efed5dbd/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.980 - Authenticated (Author+) External Entity Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"30a89e75-2ab1-4e65-8646-b100efed5dbd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/30a89e75-2ab1-4e65-8646-b100efed5dbd?source=api-prod","cve":"CVE-2024-50442","affectedVersions":"<=1.3.980","severity":"medium"},{"advisoryId":"WPSECADV/WF/337cbec1-c8a8-41b5-8c32-779be671120f/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.971 - Authenticated (Contributor+) Stored Cross-Site Scripting via Flip Carousel, Flip Box, Post Grid, and Taxonomy List Widget Attributes\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"337cbec1-c8a8-41b5-8c32-779be671120f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/337cbec1-c8a8-41b5-8c32-779be671120f?source=api-prod","cve":"CVE-2024-3675","affectedVersions":"<=1.3.971","severity":"medium"},{"advisoryId":"WPSECADV/WF/37223d1f-82c8-414f-bf39-63e728541aa3/royal-elementor-addons","title":"Royal Elementor Addons and Template <= 1.7.1001 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Google Maps Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"37223d1f-82c8-414f-bf39-63e728541aa3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/37223d1f-82c8-414f-bf39-63e728541aa3?source=api-prod","cve":"CVE-2024-9059","affectedVersions":"<=1.7.1001","severity":"medium"},{"advisoryId":"WPSECADV/WF/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42/royal-elementor-addons","title":"Freemius SDK <= 2.4.2 - Missing Authorization Checks\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-03-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"39fb0499-9ab4-4a2f-b0db-ece86bcf4d42"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42?source=api-prod","cve":"CVE-2022-4974","affectedVersions":"<1.3.33","severity":"medium"},{"advisoryId":"WPSECADV/WF/3ba3cf12-facb-479b-8077-fd279c40607e/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.80 - Missing Authorization to Private/Password Protected Post Read\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"3ba3cf12-facb-479b-8077-fd279c40607e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3ba3cf12-facb-479b-8077-fd279c40607e?source=api-prod","cve":"CVE-2023-5922","affectedVersions":"<=1.3.80","severity":"medium"},{"advisoryId":"WPSECADV/WF/3d3516e7-cce4-4def-be38-d16be3110d59/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via remove_from_wishlist\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"3d3516e7-cce4-4def-be38-d16be3110d59"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3d3516e7-cce4-4def-be38-d16be3110d59?source=api-prod","cve":"CVE-2024-0513","affectedVersions":"<=1.3.87","severity":"medium"},{"advisoryId":"WPSECADV/WF/3dc3b715-23eb-4cb9-8f44-1d3134c560ec/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.55 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"3dc3b715-23eb-4cb9-8f44-1d3134c560ec"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3dc3b715-23eb-4cb9-8f44-1d3134c560ec?source=api-prod","cve":"CVE-2022-4102","affectedVersions":"<=1.3.55","severity":"high"},{"advisoryId":"WPSECADV/WF/3edfc4af-2a28-4bdf-becf-018d9f656947/royal-elementor-addons","title":"Royal Addons for Elementor <= 1.7.1049 - Authenticated (Author+) Arbitrary File Upload via main.php Upload Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-10 15:36:21","sources":[{"name":"Wordfence","remoteId":"3edfc4af-2a28-4bdf-becf-018d9f656947"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3edfc4af-2a28-4bdf-becf-018d9f656947?source=api-prod","cve":"CVE-2025-13067","affectedVersions":"<=1.7.1049","severity":"high"},{"advisoryId":"WPSECADV/WF/40ca3778-95ff-4b2c-ac47-4ae8c86e245a/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.971 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML Tags\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"40ca3778-95ff-4b2c-ac47-4ae8c86e245a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/40ca3778-95ff-4b2c-ac47-4ae8c86e245a?source=api-prod","cve":"CVE-2024-2799","affectedVersions":"<=1.3.971","severity":"medium"},{"advisoryId":"WPSECADV/WF/4529464e-6830-4c2a-8146-79cf5fc1bc7c/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.982 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"4529464e-6830-4c2a-8146-79cf5fc1bc7c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4529464e-6830-4c2a-8146-79cf5fc1bc7c?source=api-prod","cve":"CVE-2024-44001","affectedVersions":"<=1.3.982","severity":"medium"},{"advisoryId":"WPSECADV/WF/4809d513-69e8-4572-9549-9dba9f40cb80/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.75 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-08-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"4809d513-69e8-4572-9549-9dba9f40cb80"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4809d513-69e8-4572-9549-9dba9f40cb80?source=api-prod","cve":"CVE-2022-47175","affectedVersions":"<=1.3.75","severity":"medium"},{"advisoryId":"WPSECADV/WF/4a7ef5a0-f6c8-41e1-bb3b-119a682be69f/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1003 - Authenticated (Contributor+) Post Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"4a7ef5a0-f6c8-41e1-bb3b-119a682be69f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4a7ef5a0-f6c8-41e1-bb3b-119a682be69f?source=api-prod","cve":"CVE-2024-10798","affectedVersions":"<=1.7.1003","severity":"medium"},{"advisoryId":"WPSECADV/WF/4d565196-592d-415c-b37c-e54456aa9ed8/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.975 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-31 17:22:35","sources":[{"name":"Wordfence","remoteId":"4d565196-592d-415c-b37c-e54456aa9ed8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4d565196-592d-415c-b37c-e54456aa9ed8?source=api-prod","cve":"CVE-2024-4342","affectedVersions":"<=1.3.975","severity":"medium"},{"advisoryId":"WPSECADV/WF/50518a54-16d8-4467-beca-a6b8196ed9b9/royal-elementor-addons","title":"Royal Elementor Addons <= 1.7.1006 - Authenticated (Admin+) Server Side Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"50518a54-16d8-4467-beca-a6b8196ed9b9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/50518a54-16d8-4467-beca-a6b8196ed9b9?source=api-prod","cve":"CVE-2025-26990","affectedVersions":"<=1.7.1006","severity":"medium"},{"advisoryId":"WPSECADV/WF/5122800d-f274-4129-84d4-02380269502c/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.974 - Authenticated (Contributor+) Stored Cross-Site Scripting via Form Builder Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"5122800d-f274-4129-84d4-02380269502c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5122800d-f274-4129-84d4-02380269502c?source=api-prod","cve":"CVE-2024-3887","affectedVersions":"<=1.3.974","severity":"medium"},{"advisoryId":"WPSECADV/WF/5253fe2b-040b-417c-b257-0cb59ee5aa6e/royal-elementor-addons","title":"Freemius SDK <= 2.5.9 - Reflected Cross-Site Scripting via fs_request_get\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"5253fe2b-040b-417c-b257-0cb59ee5aa6e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5253fe2b-040b-417c-b257-0cb59ee5aa6e?source=api-prod","cve":"CVE-2023-33999","affectedVersions":">=1.3,<=1.3.70","severity":"medium"},{"advisoryId":"WPSECADV/WF/55db7d81-7ffb-49da-b64e-23e892bddc57/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Cross-Site Request Forgery to Menu Template creation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"55db7d81-7ffb-49da-b64e-23e892bddc57"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/55db7d81-7ffb-49da-b64e-23e892bddc57?source=api-prod","cve":"CVE-2022-4707","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/55f7e39b-e7a5-462b-b1e4-c3d92038f17e/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Plugin Activation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"55f7e39b-e7a5-462b-b1e4-c3d92038f17e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/55f7e39b-e7a5-462b-b1e4-c3d92038f17e?source=api-prod","cve":"CVE-2022-4701","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/5666e2b7-acb3-4abb-ac2a-1575206435cf/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1012 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"5666e2b7-acb3-4abb-ac2a-1575206435cf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5666e2b7-acb3-4abb-ac2a-1575206435cf?source=api-prod","cve":"CVE-2025-1455","affectedVersions":"<=1.7.1012","severity":"medium"},{"advisoryId":"WPSECADV/WF/57bf222b-5f49-46e2-be84-3e6444807096/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.976 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Uploads\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"57bf222b-5f49-46e2-be84-3e6444807096"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/57bf222b-5f49-46e2-be84-3e6444807096?source=api-prod","cve":"CVE-2024-4489","affectedVersions":"<=1.3.976","severity":"medium"},{"advisoryId":"WPSECADV/WF/5ccece54-18fa-42e4-ba1a-d0879b73d66d/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.986 - Authenticated (Contributor+) Stored Cross-Site Scripting via Team Member Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"5ccece54-18fa-42e4-ba1a-d0879b73d66d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5ccece54-18fa-42e4-ba1a-d0879b73d66d?source=api-prod","cve":"CVE-2024-8482","affectedVersions":"<=1.3.986","severity":"medium"},{"advisoryId":"WPSECADV/WF/5ee7b4d8-c397-41f6-981f-9a010e4ab2f1/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1017 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"5ee7b4d8-c397-41f6-981f-9a010e4ab2f1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5ee7b4d8-c397-41f6-981f-9a010e4ab2f1?source=api-prod","cve":"CVE-2024-12120","affectedVersions":"<=1.7.1017","severity":"medium"},{"advisoryId":"WPSECADV/WF/62a5c796-1c14-4cb1-9f21-340b40e418df/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Import Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"62a5c796-1c14-4cb1-9f21-340b40e418df"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/62a5c796-1c14-4cb1-9f21-340b40e418df?source=api-prod","cve":"CVE-2022-4703","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/64cce528-0ad0-45ec-a8f6-e8791b0bece0/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Import\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"64cce528-0ad0-45ec-a8f6-e8791b0bece0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/64cce528-0ad0-45ec-a8f6-e8791b0bece0?source=api-prod","cve":"CVE-2022-4704","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/68c6e428-b9cf-442f-a896-a8ceb4b9be0e/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1012 - Authenticated DOM-Based (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"68c6e428-b9cf-442f-a896-a8ceb4b9be0e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/68c6e428-b9cf-442f-a896-a8ceb4b9be0e?source=api-prod","cve":"CVE-2025-1456","affectedVersions":"<=1.7.1012","severity":"medium"},{"advisoryId":"WPSECADV/WF/6aa3d312-485a-4a93-a075-fa7152395f11/royal-elementor-addons","title":"Royal Elementor Addons <=1.3.55 - Authenticated (Subscriber+) Arbitrary Post Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"6aa3d312-485a-4a93-a075-fa7152395f11"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6aa3d312-485a-4a93-a075-fa7152395f11?source=api-prod","cve":"CVE-2022-4102","affectedVersions":"<=1.3.55","severity":"high"},{"advisoryId":"WPSECADV/WF/6bc6a436-6df3-4eaf-a16b-d8b3c3ca7d87/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1007 - Cross-Site Request Forgery to Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-02-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"6bc6a436-6df3-4eaf-a16b-d8b3c3ca7d87"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6bc6a436-6df3-4eaf-a16b-d8b3c3ca7d87?source=api-prod","cve":"CVE-2025-1441","affectedVersions":"<=1.7.1007","severity":"medium"},{"advisoryId":"WPSECADV/WF/70582781-9de5-4124-bde4-d3d26724e9b3/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.971 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"70582781-9de5-4124-bde4-d3d26724e9b3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/70582781-9de5-4124-bde4-d3d26724e9b3?source=api-prod","cve":"CVE-2024-2798","affectedVersions":"<=1.3.971","severity":"medium"},{"advisoryId":"WPSECADV/WF/7a04705d-cd17-4b4b-b04d-de55d6479dab/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.94 - Unauthenticated Limited File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"7a04705d-cd17-4b4b-b04d-de55d6479dab"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7a04705d-cd17-4b4b-b04d-de55d6479dab?source=api-prod","cve":"CVE-2024-1567","affectedVersions":"<=1.3.94","severity":"high"},{"advisoryId":"WPSECADV/WF/7f197721-d7d6-49db-8cdc-0162c0c2960b/royal-elementor-addons","title":"Royal Addons for Elementor – Addons and Templates Kit for Elementor < 1.7.1053 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"7f197721-d7d6-49db-8cdc-0162c0c2960b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7f197721-d7d6-49db-8cdc-0162c0c2960b?source=api-prod","cve":"CVE-2026-27421","affectedVersions":"<1.7.1053","severity":"medium"},{"advisoryId":"WPSECADV/WF/83a0150d-a9fa-4cc2-8fe8-a429747a9964/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.980 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Magazine Grid/Slider Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-07-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"83a0150d-a9fa-4cc2-8fe8-a429747a9964"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/83a0150d-a9fa-4cc2-8fe8-a429747a9964?source=api-prod","cve":"CVE-2024-5818","affectedVersions":"<=1.3.980","severity":"medium"},{"advisoryId":"WPSECADV/WF/83ea2ec3-5d5b-44ea-83e6-41c4fa6e2e5f/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.971 - Authenticated (Contributor+) Stored Cross-Site Scripting via Advanced Accordion Title Tags\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"83ea2ec3-5d5b-44ea-83e6-41c4fa6e2e5f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/83ea2ec3-5d5b-44ea-83e6-41c4fa6e2e5f?source=api-prod","cve":"CVE-2024-3889","affectedVersions":"<=1.3.971","severity":"medium"},{"advisoryId":"WPSECADV/WF/8619c999-5cf7-4888-bdb2-815238411303/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.91 - Authenticated (Contributor+) Stored Cross-Site Scripting via Logo Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"8619c999-5cf7-4888-bdb2-815238411303"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8619c999-5cf7-4888-bdb2-815238411303?source=api-prod","cve":"CVE-2024-1500","affectedVersions":"<=1.3.91","severity":"medium"},{"advisoryId":"WPSECADV/WF/86c9bcf1-c69e-47ca-b74b-8ce6157f520b/royal-elementor-addons","title":"Royal Elementor Addons <=1.3.70 - Unauthenticated MailChimp API Key Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"86c9bcf1-c69e-47ca-b74b-8ce6157f520b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/86c9bcf1-c69e-47ca-b74b-8ce6157f520b?source=api-prod","cve":"CVE-2023-3709","affectedVersions":"<=1.3.70","severity":"medium"},{"advisoryId":"WPSECADV/WF/9744055a-b199-4945-afcc-4f5b85f5f1e8/royal-elementor-addons","title":"Royal Addons for Elementor <= 1.7.1057 - Authenticated (Contributor+) Server-Side Request Forgery via CSV URL Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"9744055a-b199-4945-afcc-4f5b85f5f1e8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9744055a-b199-4945-afcc-4f5b85f5f1e8?source=api-prod","cve":"CVE-2026-6229","affectedVersions":"<=1.7.1057","severity":"high"},{"advisoryId":"WPSECADV/WF/9e860c60-b330-4a6c-8d15-947451af62fc/royal-elementor-addons","title":"Royal Elementor Addons <= 1.7.1001 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-12-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"9e860c60-b330-4a6c-8d15-947451af62fc"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9e860c60-b330-4a6c-8d15-947451af62fc?source=api-prod","cve":"CVE-2024-56226","affectedVersions":"<=1.7.1001","severity":"medium"},{"advisoryId":"WPSECADV/WF/a4178271-c09e-4094-a616-5a00d28f39a3/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via remove_from_compare\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"a4178271-c09e-4094-a616-5a00d28f39a3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a4178271-c09e-4094-a616-5a00d28f39a3?source=api-prod","cve":"CVE-2024-0515","affectedVersions":"<=1.3.87","severity":"medium"},{"advisoryId":"WPSECADV/WF/a4b353bf-f9be-465a-8723-9ea721b5baab/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.987 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-12-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"a4b353bf-f9be-465a-8723-9ea721b5baab"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a4b353bf-f9be-465a-8723-9ea721b5baab?source=api-prod","cve":"CVE-2024-56062","affectedVersions":"<=1.3.987","severity":"medium"},{"advisoryId":"WPSECADV/WF/a720b38c-37f0-4edf-9868-de3a105551ee/royal-elementor-addons","title":"Royal Elementor Addons <= 1.7.1017 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"a720b38c-37f0-4edf-9868-de3a105551ee"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a720b38c-37f0-4edf-9868-de3a105551ee?source=api-prod","cve":"CVE-2025-39361","affectedVersions":"<=1.7.1017","severity":"medium"},{"advisoryId":"WPSECADV/WF/a8e34c05-7431-4acd-91f3-aab5e66f61ad/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1006 - Cross-Site Request Forgery to Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-01-13 19:52:46","sources":[{"name":"Wordfence","remoteId":"a8e34c05-7431-4acd-91f3-aab5e66f61ad"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a8e34c05-7431-4acd-91f3-aab5e66f61ad?source=api-prod","cve":"CVE-2025-0393","affectedVersions":"<=1.7.1006","severity":"medium"},{"advisoryId":"WPSECADV/WF/a8e39f0b-eb4c-4568-9f5a-60a0dc3eb6ba/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1001 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"a8e39f0b-eb4c-4568-9f5a-60a0dc3eb6ba"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a8e39f0b-eb4c-4568-9f5a-60a0dc3eb6ba?source=api-prod","cve":"CVE-2024-9668","affectedVersions":"<=1.7.1001","severity":"medium"},{"advisoryId":"WPSECADV/WF/a9d95af5-96da-4259-98c6-e2c4c574a896/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.78 - Unauthenticated Arbitrary File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-10-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"a9d95af5-96da-4259-98c6-e2c4c574a896"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a9d95af5-96da-4259-98c6-e2c4c574a896?source=api-prod","cve":"CVE-2023-5360","affectedVersions":"<=1.3.78","severity":"critical"},{"advisoryId":"WPSECADV/WF/ac6c6ce4-9944-4c8e-89aa-6a2e870ef205/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"ac6c6ce4-9944-4c8e-89aa-6a2e870ef205"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ac6c6ce4-9944-4c8e-89aa-6a2e870ef205?source=api-prod","cve":"CVE-2022-4710","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/acaa3142-2bbc-43d3-8ecc-05e8edb931ec/royal-elementor-addons","title":"Multiple Plugins and Themes <= (Various Versions) - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via lightGallery JavaScript Library\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"acaa3142-2bbc-43d3-8ecc-05e8edb931ec"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/acaa3142-2bbc-43d3-8ecc-05e8edb931ec?source=api-prod","cve":"CVE-2025-5092","affectedVersions":"<=1.7.1031","severity":"medium"},{"advisoryId":"WPSECADV/WF/b0955689-43a0-442c-974b-5db5e4171f6a/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via add_to_compare\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"b0955689-43a0-442c-974b-5db5e4171f6a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b0955689-43a0-442c-974b-5db5e4171f6a?source=api-prod","cve":"CVE-2024-0514","affectedVersions":"<=1.3.87","severity":"medium"},{"advisoryId":"WPSECADV/WF/b2ff2954-f494-4cd7-9f29-ee0e8551e339/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via add_to_wishlist\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"b2ff2954-f494-4cd7-9f29-ee0e8551e339"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b2ff2954-f494-4cd7-9f29-ee0e8551e339?source=api-prod","cve":"CVE-2024-0512","affectedVersions":"<=1.3.87","severity":"medium"},{"advisoryId":"WPSECADV/WF/b3e12653-ddfe-4e02-9d9e-0263b9f71def/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Conditions Modification\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"b3e12653-ddfe-4e02-9d9e-0263b9f71def"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b3e12653-ddfe-4e02-9d9e-0263b9f71def?source=api-prod","cve":"CVE-2022-4708","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/b957eb0d-882d-4646-ad84-9c64f957be14/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1020 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"b957eb0d-882d-4646-ad84-9c64f957be14"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b957eb0d-882d-4646-ad84-9c64f957be14?source=api-prod","cve":"CVE-2025-3813","affectedVersions":"<=1.7.1020","severity":"medium"},{"advisoryId":"WPSECADV/WF/ba7b8fe5-aa49-4a70-89c9-1b95a30b1142/royal-elementor-addons","title":"Royal Addons for Elementor <= 1.7.1056 - Authenticated (Author+) Stored Cross-Site Scripting via Image Caption Field\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-23 16:35:20","sources":[{"name":"Wordfence","remoteId":"ba7b8fe5-aa49-4a70-89c9-1b95a30b1142"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ba7b8fe5-aa49-4a70-89c9-1b95a30b1142?source=api-prod","cve":"CVE-2026-5428","affectedVersions":"<=1.7.1056","severity":"medium"},{"advisoryId":"WPSECADV/WF/bc2e883b-fb91-425c-a779-89a34eed2ba8/royal-elementor-addons","title":"Royal Elementor Addons <=1.3.55 - Missing Authorization to Subscriber+ Arbitrary Post Creation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"bc2e883b-fb91-425c-a779-89a34eed2ba8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bc2e883b-fb91-425c-a779-89a34eed2ba8?source=api-prod","cve":"CVE-2022-4103","affectedVersions":"<=1.3.55","severity":"medium"},{"advisoryId":"WPSECADV/WF/bd90b85e-22a9-4c08-b2cf-4f75406e7ca3/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1001 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Form Builder Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"bd90b85e-22a9-4c08-b2cf-4f75406e7ca3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bd90b85e-22a9-4c08-b2cf-4f75406e7ca3?source=api-prod","cve":"CVE-2024-9682","affectedVersions":"<=1.7.1001","severity":"medium"},{"advisoryId":"WPSECADV/WF/bdd4022f-b038-4351-9798-77e7c24f1173/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.977 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"bdd4022f-b038-4351-9798-77e7c24f1173"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bdd4022f-b038-4351-9798-77e7c24f1173?source=api-prod","cve":"CVE-2025-39543","affectedVersions":"<=1.3.977","severity":"medium"},{"advisoryId":"WPSECADV/WF/be6db702-43bc-4d1f-a222-d323c70c6bb3/royal-elementor-addons","title":"Royal Addons for Elementor – Addons and Templates Kit for Elementor <= 1.7.1052 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"be6db702-43bc-4d1f-a222-d323c70c6bb3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/be6db702-43bc-4d1f-a222-d323c70c6bb3?source=api-prod","cve":"CVE-2026-28135","affectedVersions":"<=1.7.1052","severity":"medium"},{"advisoryId":"WPSECADV/WF/c23e9810-40ea-43e2-9292-f05f300a7ddf/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Menu Settings Update\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"c23e9810-40ea-43e2-9292-f05f300a7ddf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c23e9810-40ea-43e2-9292-f05f300a7ddf?source=api-prod","cve":"CVE-2022-4711","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/c3dfb0b7-5d9f-492b-9a1a-d4445d39c00c/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.986 - Authenticated (Subscriber+) Private Post Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"c3dfb0b7-5d9f-492b-9a1a-d4445d39c00c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c3dfb0b7-5d9f-492b-9a1a-d4445d39c00c?source=api-prod","cve":"CVE-2024-7417","affectedVersions":"<=1.3.986","severity":"medium"},{"advisoryId":"WPSECADV/WF/c3e47d14-4c00-4b10-9e4d-7f1d7946a2b4/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.93 - Authenticated (Contributor+) Stored Cross-Site Scriting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"c3e47d14-4c00-4b10-9e4d-7f1d7946a2b4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c3e47d14-4c00-4b10-9e4d-7f1d7946a2b4?source=api-prod","cve":"CVE-2024-31236","affectedVersions":"<=1.3.93","severity":"medium"},{"advisoryId":"WPSECADV/WF/c4192a7f-b962-46f9-a524-7271ed6f4917/royal-elementor-addons","title":"Royal Addons for Elementor – Addons and Templates Kit for Elementor <= 1.7.1049 - Missing Authorization to Unauthenticated Custom Post Type Contents Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-16 15:17:51","sources":[{"name":"Wordfence","remoteId":"c4192a7f-b962-46f9-a524-7271ed6f4917"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c4192a7f-b962-46f9-a524-7271ed6f4917?source=api-prod","cve":"CVE-2026-2373","affectedVersions":"<=1.7.1049","severity":"medium"},{"advisoryId":"WPSECADV/WF/c91a14d3-bc41-4490-888c-486ad2994095/royal-elementor-addons","title":"Royal Addons for Elementor <= 1.7.1056 - Unauthenticated Stored Cross-Site Scripting via 'status' Parameter in wpr_update_form_action_meta\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-04 14:32:14","sources":[{"name":"Wordfence","remoteId":"c91a14d3-bc41-4490-888c-486ad2994095"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c91a14d3-bc41-4490-888c-486ad2994095?source=api-prod","cve":"CVE-2026-4803","affectedVersions":"<=1.7.1056","severity":"high"},{"advisoryId":"WPSECADV/WF/cb0ac434-7e85-44d4-b21e-df462f63cd9c/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.976 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"cb0ac434-7e85-44d4-b21e-df462f63cd9c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cb0ac434-7e85-44d4-b21e-df462f63cd9c?source=api-prod","cve":"CVE-2024-4488","affectedVersions":"<=1.3.976","severity":"medium"},{"advisoryId":"WPSECADV/WF/cb47b6cc-87e4-4d29-bbc7-6d7552bc3943/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Plugin Deactivation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"cb47b6cc-87e4-4d29-bbc7-6d7552bc3943"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cb47b6cc-87e4-4d29-bbc7-6d7552bc3943?source=api-prod","cve":"CVE-2022-4702","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/cca7bb88-4a2c-4406-8610-15ce6e77c31f/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.975 - Authenticated (Contributor+) Stored Cross-Site Scripting via Back to Top Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-31 17:38:07","sources":[{"name":"Wordfence","remoteId":"cca7bb88-4a2c-4406-8610-15ce6e77c31f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cca7bb88-4a2c-4406-8610-15ce6e77c31f?source=api-prod","cve":"CVE-2024-4087","affectedVersions":"<=1.3.975","severity":"medium"},{"advisoryId":"WPSECADV/WF/cdc37da4-9de6-467b-a168-e3fa29baa06b/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1036 - Missing Authorization to Unauthenticated Media File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"cdc37da4-9de6-467b-a168-e3fa29baa06b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cdc37da4-9de6-467b-a168-e3fa29baa06b?source=api-prod","cve":"CVE-2025-11363","affectedVersions":"<=1.7.1036","severity":"medium"},{"advisoryId":"WPSECADV/WF/cdd464ad-24bc-4922-8bfa-ac42fbe60b52/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Theme Activation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"cdd464ad-24bc-4922-8bfa-ac42fbe60b52"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cdd464ad-24bc-4922-8bfa-ac42fbe60b52?source=api-prod","cve":"CVE-2022-4700","affectedVersions":"<=1.3.59","severity":"medium"},{"advisoryId":"WPSECADV/WF/d2031289-eaf3-4a1b-8771-769c08d99ca3/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.55 - Cross-Site Request Forgery\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"d2031289-eaf3-4a1b-8771-769c08d99ca3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d2031289-eaf3-4a1b-8771-769c08d99ca3?source=api-prod","affectedVersions":"<=1.3.55","severity":"high"},{"advisoryId":"WPSECADV/WF/d3457b87-c860-4cf2-ac3d-2c6521b629ea/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.87 - Missing Authorization via wpr_update_form_action_meta\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"d3457b87-c860-4cf2-ac3d-2c6521b629ea"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d3457b87-c860-4cf2-ac3d-2c6521b629ea?source=api-prod","cve":"CVE-2024-0516","affectedVersions":"<=1.3.87","severity":"medium"},{"advisoryId":"WPSECADV/WF/dc8bef03-51e0-4448-bddd-85300104e875/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via wpr_update_form_action_meta\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"dc8bef03-51e0-4448-bddd-85300104e875"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/dc8bef03-51e0-4448-bddd-85300104e875?source=api-prod","cve":"CVE-2024-0511","affectedVersions":"<=1.3.87","severity":"medium"},{"advisoryId":"WPSECADV/WF/ead108c4-ac09-42ea-95c5-e95dc514f1cb/royal-elementor-addons","title":"Royal Elementor Addons and Templates <= 1.7.1036 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-18 15:19:11","sources":[{"name":"Wordfence","remoteId":"ead108c4-ac09-42ea-95c5-e95dc514f1cb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ead108c4-ac09-42ea-95c5-e95dc514f1cb?source=api-prod","cve":"CVE-2025-6251","affectedVersions":"<=1.7.1036","severity":"medium"},{"advisoryId":"WPSECADV/WF/ee96d8c5-baf0-4c5c-9ace-e88bbb95ee0a/royal-elementor-addons","title":"Royal Addons for Elementor <= 1.7.1056 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Follow Button Text' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-04 14:53:29","sources":[{"name":"Wordfence","remoteId":"ee96d8c5-baf0-4c5c-9ace-e88bbb95ee0a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ee96d8c5-baf0-4c5c-9ace-e88bbb95ee0a?source=api-prod","cve":"CVE-2026-5159","affectedVersions":"<=1.7.1056","severity":"medium"},{"advisoryId":"WPSECADV/WF/f7f9b1ef-2efc-4d88-bff8-e0dd711b85ab/royal-elementor-addons","title":"Royal Elementor Addons <= 1.7.1001 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-12-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"f7f9b1ef-2efc-4d88-bff8-e0dd711b85ab"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f7f9b1ef-2efc-4d88-bff8-e0dd711b85ab?source=api-prod","cve":"CVE-2024-56227","affectedVersions":"<=1.7.1001","severity":"medium"},{"advisoryId":"WPSECADV/WF/fa530112-a7cd-4c54-aa87-9e7337d01557/royal-elementor-addons","title":"Royal Elementor Addons <= 1.3.59 - Insufficient Access Control to Template Kit Import\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"fa530112-a7cd-4c54-aa87-9e7337d01557"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fa530112-a7cd-4c54-aa87-9e7337d01557?source=api-prod","cve":"CVE-2022-4709","affectedVersions":"<=1.3.59","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_73696d706c652d636c6f7564666c6172652d7475726e7374696c65811c9dc5_gen.json b/internal/data/assets/plugin_73696d706c652d636c6f7564666c6172652d7475726e7374696c65811c9dc5_gen.json index a7133e6f..3346e0af 100644 --- a/internal/data/assets/plugin_73696d706c652d636c6f7564666c6172652d7475726e7374696c65811c9dc5_gen.json +++ b/internal/data/assets/plugin_73696d706c652d636c6f7564666c6172652d7475726e7374696c65811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/91f6c9d3-641d-42f7-bf11-e3c3a44eeb76/simple-cloudflare-turnstile","title":"Simple Cloudflare Turnstile <= 1.23.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"91f6c9d3-641d-42f7-bf11-e3c3a44eeb76"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/91f6c9d3-641d-42f7-bf11-e3c3a44eeb76?source=api-prod","cve":"CVE-2023-5135","affectedVersions":"<=1.23.1","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/7e503e94-f544-4b77-9a79-e51836e30806/simple-cloudflare-turnstile","title":"Simple CAPTCHA Alternative with Cloudflare Turnstile <= 1.38.0 - Broken Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"7e503e94-f544-4b77-9a79-e51836e30806"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7e503e94-f544-4b77-9a79-e51836e30806?source=api-prod","cve":"CVE-2026-40799","affectedVersions":"<=1.38.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/91f6c9d3-641d-42f7-bf11-e3c3a44eeb76/simple-cloudflare-turnstile","title":"Simple Cloudflare Turnstile <= 1.23.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"91f6c9d3-641d-42f7-bf11-e3c3a44eeb76"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/91f6c9d3-641d-42f7-bf11-e3c3a44eeb76?source=api-prod","cve":"CVE-2023-5135","affectedVersions":"<=1.23.1","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_736c6963657770811c9dc5_gen.json b/internal/data/assets/plugin_736c6963657770811c9dc5_gen.json index 7ffe89e3..840f6dc1 100644 --- a/internal/data/assets/plugin_736c6963657770811c9dc5_gen.json +++ b/internal/data/assets/plugin_736c6963657770811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/45dd22d4-9a51-4569-a756-1f1a5f8626c1/slicewp","title":"WordPress Affiliates Plugin — SliceWP Affiliates <= 1.1.20 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"45dd22d4-9a51-4569-a756-1f1a5f8626c1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/45dd22d4-9a51-4569-a756-1f1a5f8626c1?source=api-prod","cve":"CVE-2024-8714","affectedVersions":"<=1.1.20","severity":"medium"},{"advisoryId":"WPSECADV/WF/5b9e92ea-49fc-420d-9d0e-29bcf78843bd/slicewp","title":"Affiliate Program Suite <= 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via slicewp_affiliate_url Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-05 17:50:49","sources":[{"name":"Wordfence","remoteId":"5b9e92ea-49fc-420d-9d0e-29bcf78843bd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5b9e92ea-49fc-420d-9d0e-29bcf78843bd?source=api-prod","cve":"CVE-2026-6672","affectedVersions":"<=1.2.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/73aad911-531b-4118-9d39-27cbae75db01/slicewp","title":"Affiliate Program Suite — SliceWP Affiliates <= 1.1.23 - Cross-Site Request Forgery to Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-12-17 21:10:02","sources":[{"name":"Wordfence","remoteId":"73aad911-531b-4118-9d39-27cbae75db01"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/73aad911-531b-4118-9d39-27cbae75db01?source=api-prod","cve":"CVE-2024-12454","affectedVersions":"<=1.1.23","severity":"medium"},{"advisoryId":"WPSECADV/WF/9f79fe15-65a1-44ab-a43e-1410ce1f1d77/slicewp","title":"WordPress Affiliates Plugin — SliceWP Affiliates <= 1.1.10 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"9f79fe15-65a1-44ab-a43e-1410ce1f1d77"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9f79fe15-65a1-44ab-a43e-1410ce1f1d77?source=api-prod","cve":"CVE-2024-34413","affectedVersions":"<=1.1.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/b33fd509-1cc3-48de-bd4a-7c9749da1cf8/slicewp","title":"SliceWP <= 1.1.18 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"b33fd509-1cc3-48de-bd4a-7c9749da1cf8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b33fd509-1cc3-48de-bd4a-7c9749da1cf8?source=api-prod","cve":"CVE-2024-47388","affectedVersions":"<=1.1.18","severity":"medium"},{"advisoryId":"WPSECADV/WF/d8461a10-44e1-437a-ad6c-7107aeb66124/slicewp","title":"WordPress Affiliates Plugin — SliceWP Affiliates <= 1.0.45 - Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-08-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"d8461a10-44e1-437a-ad6c-7107aeb66124"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d8461a10-44e1-437a-ad6c-7107aeb66124?source=api-prod","affectedVersions":"<=1.0.45","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/170bb0cc-85c0-41e2-a7e0-a082aee1e6c0/slicewp","title":"Affiliate Program Suite — SliceWP Affiliates <= 1.2.6 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"170bb0cc-85c0-41e2-a7e0-a082aee1e6c0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/170bb0cc-85c0-41e2-a7e0-a082aee1e6c0?source=api-prod","cve":"CVE-2026-42653","affectedVersions":"<=1.2.6","severity":"high"},{"advisoryId":"WPSECADV/WF/45dd22d4-9a51-4569-a756-1f1a5f8626c1/slicewp","title":"WordPress Affiliates Plugin — SliceWP Affiliates <= 1.1.20 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"45dd22d4-9a51-4569-a756-1f1a5f8626c1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/45dd22d4-9a51-4569-a756-1f1a5f8626c1?source=api-prod","cve":"CVE-2024-8714","affectedVersions":"<=1.1.20","severity":"medium"},{"advisoryId":"WPSECADV/WF/5b9e92ea-49fc-420d-9d0e-29bcf78843bd/slicewp","title":"Affiliate Program Suite <= 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via slicewp_affiliate_url Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-05 17:50:49","sources":[{"name":"Wordfence","remoteId":"5b9e92ea-49fc-420d-9d0e-29bcf78843bd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5b9e92ea-49fc-420d-9d0e-29bcf78843bd?source=api-prod","cve":"CVE-2026-6672","affectedVersions":"<=1.2.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/73aad911-531b-4118-9d39-27cbae75db01/slicewp","title":"Affiliate Program Suite — SliceWP Affiliates <= 1.1.23 - Cross-Site Request Forgery to Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-12-17 21:10:02","sources":[{"name":"Wordfence","remoteId":"73aad911-531b-4118-9d39-27cbae75db01"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/73aad911-531b-4118-9d39-27cbae75db01?source=api-prod","cve":"CVE-2024-12454","affectedVersions":"<=1.1.23","severity":"medium"},{"advisoryId":"WPSECADV/WF/9f79fe15-65a1-44ab-a43e-1410ce1f1d77/slicewp","title":"WordPress Affiliates Plugin — SliceWP Affiliates <= 1.1.10 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"9f79fe15-65a1-44ab-a43e-1410ce1f1d77"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9f79fe15-65a1-44ab-a43e-1410ce1f1d77?source=api-prod","cve":"CVE-2024-34413","affectedVersions":"<=1.1.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/b33fd509-1cc3-48de-bd4a-7c9749da1cf8/slicewp","title":"SliceWP <= 1.1.18 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"b33fd509-1cc3-48de-bd4a-7c9749da1cf8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b33fd509-1cc3-48de-bd4a-7c9749da1cf8?source=api-prod","cve":"CVE-2024-47388","affectedVersions":"<=1.1.18","severity":"medium"},{"advisoryId":"WPSECADV/WF/d8461a10-44e1-437a-ad6c-7107aeb66124/slicewp","title":"WordPress Affiliates Plugin — SliceWP Affiliates <= 1.0.45 - Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-08-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"d8461a10-44e1-437a-ad6c-7107aeb66124"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d8461a10-44e1-437a-ad6c-7107aeb66124?source=api-prod","affectedVersions":"<=1.0.45","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_73746f72652d6d616e616765722d636f6e6e6563746f72811c9dc5_gen.json b/internal/data/assets/plugin_73746f72652d6d616e616765722d636f6e6e6563746f72811c9dc5_gen.json index dcfc9cfb..5174fd12 100644 --- a/internal/data/assets/plugin_73746f72652d6d616e616765722d636f6e6e6563746f72811c9dc5_gen.json +++ b/internal/data/assets/plugin_73746f72652d6d616e616765722d636f6e6e6563746f72811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/20caab24-4af7-4592-9b18-f2f5acb423c9/store-manager-connector","title":"eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Read\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-23 14:33:31","sources":[{"name":"Wordfence","remoteId":"20caab24-4af7-4592-9b18-f2f5acb423c9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/20caab24-4af7-4592-9b18-f2f5acb423c9?source=api-prod","cve":"CVE-2025-4602","affectedVersions":"<=1.2.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/242ad00b-3602-4988-ab7a-76fba2e9d4cf/store-manager-connector","title":"eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-23 14:33:21","sources":[{"name":"Wordfence","remoteId":"242ad00b-3602-4988-ab7a-76fba2e9d4cf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/242ad00b-3602-4988-ab7a-76fba2e9d4cf?source=api-prod","cve":"CVE-2025-4603","affectedVersions":"<=1.2.5","severity":"critical"},{"advisoryId":"WPSECADV/WF/5323dbb7-3893-4b43-838b-6326505b2fb7/store-manager-connector","title":"eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_file()\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-23 14:33:08","sources":[{"name":"Wordfence","remoteId":"5323dbb7-3893-4b43-838b-6326505b2fb7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5323dbb7-3893-4b43-838b-6326505b2fb7?source=api-prod","cve":"CVE-2025-4336","affectedVersions":"<=1.2.5","severity":"high"},{"advisoryId":"WPSECADV/WF/8a00ece0-6644-4535-86aa-d0802d94a1a7/store-manager-connector","title":"eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_image()\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-23 14:33:44","sources":[{"name":"Wordfence","remoteId":"8a00ece0-6644-4535-86aa-d0802d94a1a7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8a00ece0-6644-4535-86aa-d0802d94a1a7?source=api-prod","cve":"CVE-2025-5058","affectedVersions":"<=1.2.5","severity":"critical"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/20caab24-4af7-4592-9b18-f2f5acb423c9/store-manager-connector","title":"eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Read\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-23 14:33:31","sources":[{"name":"Wordfence","remoteId":"20caab24-4af7-4592-9b18-f2f5acb423c9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/20caab24-4af7-4592-9b18-f2f5acb423c9?source=api-prod","cve":"CVE-2025-4602","affectedVersions":"<=1.2.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/242ad00b-3602-4988-ab7a-76fba2e9d4cf/store-manager-connector","title":"eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-23 14:33:21","sources":[{"name":"Wordfence","remoteId":"242ad00b-3602-4988-ab7a-76fba2e9d4cf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/242ad00b-3602-4988-ab7a-76fba2e9d4cf?source=api-prod","cve":"CVE-2025-4603","affectedVersions":"<=1.2.5","severity":"critical"},{"advisoryId":"WPSECADV/WF/5323dbb7-3893-4b43-838b-6326505b2fb7/store-manager-connector","title":"eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_file()\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-23 14:33:08","sources":[{"name":"Wordfence","remoteId":"5323dbb7-3893-4b43-838b-6326505b2fb7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5323dbb7-3893-4b43-838b-6326505b2fb7?source=api-prod","cve":"CVE-2025-4336","affectedVersions":"<=1.2.5","severity":"high"},{"advisoryId":"WPSECADV/WF/8a00ece0-6644-4535-86aa-d0802d94a1a7/store-manager-connector","title":"eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_image()\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-23 14:33:44","sources":[{"name":"Wordfence","remoteId":"8a00ece0-6644-4535-86aa-d0802d94a1a7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8a00ece0-6644-4535-86aa-d0802d94a1a7?source=api-prod","cve":"CVE-2025-5058","affectedVersions":"<=1.2.5","severity":"critical"},{"advisoryId":"WPSECADV/WF/92dbc405-a11c-4c2e-a98c-8dcb4e0b64e8/store-manager-connector","title":"eMagicOne Store Manager for WooCommerce <= 1.3.2 - Unauthenticated SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"92dbc405-a11c-4c2e-a98c-8dcb4e0b64e8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/92dbc405-a11c-4c2e-a98c-8dcb4e0b64e8?source=api-prod","cve":"CVE-2026-42773","affectedVersions":"<=1.3.2","severity":"high"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_7374796c6973682d636f73742d63616c63756c61746f72811c9dc5_gen.json b/internal/data/assets/plugin_7374796c6973682d636f73742d63616c63756c61746f72811c9dc5_gen.json index 83d635e0..c0d4f102 100644 --- a/internal/data/assets/plugin_7374796c6973682d636f73742d63616c63756c61746f72811c9dc5_gen.json +++ b/internal/data/assets/plugin_7374796c6973682d636f73742d63616c63756c61746f72811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/30e89955-9f2b-42e4-a7cf-558edd2e736c/stylish-cost-calculator","title":"Stylish Cost Calculator <= 7.0.3 - Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-11-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"30e89955-9f2b-42e4-a7cf-558edd2e736c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/30e89955-9f2b-42e4-a7cf-558edd2e736c?source=api-prod","cve":"CVE-2021-24822","affectedVersions":"<=7.0.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/84003388-c47c-41db-8d2d-4643aa375a89/stylish-cost-calculator","title":"Appsero <= 1.2.1 - Missing Authorization\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"84003388-c47c-41db-8d2d-4643aa375a89"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/84003388-c47c-41db-8d2d-4643aa375a89?source=api-prod","affectedVersions":"<=7.3.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/c628dc0b-0648-4b7b-88cf-368771ebee45/stylish-cost-calculator","title":"Stylish Cost Calculator <= 8.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"c628dc0b-0648-4b7b-88cf-368771ebee45"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c628dc0b-0648-4b7b-88cf-368771ebee45?source=api-prod","cve":"CVE-2025-66091","affectedVersions":"<=8.1.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/cca6e588-0fd6-4643-897c-bcc3f482ddda/stylish-cost-calculator","title":"Stylish Cost Calculator <= 8.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-09 14:36:05","sources":[{"name":"Wordfence","remoteId":"cca6e588-0fd6-4643-897c-bcc3f482ddda"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cca6e588-0fd6-4643-897c-bcc3f482ddda?source=api-prod","cve":"CVE-2026-24630","affectedVersions":"<=8.1.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/e869800a-6fbc-4a1a-97fd-92ecbf3305ff/stylish-cost-calculator","title":"Appsero <= 1.2.0 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"e869800a-6fbc-4a1a-97fd-92ecbf3305ff"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e869800a-6fbc-4a1a-97fd-92ecbf3305ff?source=api-prod","cve":"CVE-2022-47150","affectedVersions":"<=7.3.6","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/30e89955-9f2b-42e4-a7cf-558edd2e736c/stylish-cost-calculator","title":"Stylish Cost Calculator <= 7.0.3 - Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-11-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"30e89955-9f2b-42e4-a7cf-558edd2e736c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/30e89955-9f2b-42e4-a7cf-558edd2e736c?source=api-prod","cve":"CVE-2021-24822","affectedVersions":"<=7.0.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/84003388-c47c-41db-8d2d-4643aa375a89/stylish-cost-calculator","title":"Appsero <= 1.2.1 - Missing Authorization\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"84003388-c47c-41db-8d2d-4643aa375a89"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/84003388-c47c-41db-8d2d-4643aa375a89?source=api-prod","affectedVersions":"<=7.3.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/c628dc0b-0648-4b7b-88cf-368771ebee45/stylish-cost-calculator","title":"Stylish Cost Calculator <= 8.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"c628dc0b-0648-4b7b-88cf-368771ebee45"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c628dc0b-0648-4b7b-88cf-368771ebee45?source=api-prod","cve":"CVE-2025-66091","affectedVersions":"<=8.1.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/cca6e588-0fd6-4643-897c-bcc3f482ddda/stylish-cost-calculator","title":"Stylish Cost Calculator < 8.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-09 14:36:05","sources":[{"name":"Wordfence","remoteId":"cca6e588-0fd6-4643-897c-bcc3f482ddda"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cca6e588-0fd6-4643-897c-bcc3f482ddda?source=api-prod","cve":"CVE-2026-24630","affectedVersions":"<8.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/e869800a-6fbc-4a1a-97fd-92ecbf3305ff/stylish-cost-calculator","title":"Appsero <= 1.2.0 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"e869800a-6fbc-4a1a-97fd-92ecbf3305ff"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e869800a-6fbc-4a1a-97fd-92ecbf3305ff?source=api-prod","cve":"CVE-2022-47150","affectedVersions":"<=7.3.6","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_737572657472696767657273811c9dc5_gen.json b/internal/data/assets/plugin_737572657472696767657273811c9dc5_gen.json index 5076f361..34c15a4d 100644 --- a/internal/data/assets/plugin_737572657472696767657273811c9dc5_gen.json +++ b/internal/data/assets/plugin_737572657472696767657273811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/461211c9-951e-4ccd-abf5-84941290a6a5/suretriggers","title":"SureTriggers <= 1.0.23 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"461211c9-951e-4ccd-abf5-84941290a6a5"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/461211c9-951e-4ccd-abf5-84941290a6a5?source=api-prod","cve":"CVE-2023-49749","affectedVersions":"<=1.0.23","severity":"medium"},{"advisoryId":"WPSECADV/WF/965dce53-2865-4179-9505-a64e4db1d1fd/suretriggers","title":"OttoKit: All-in-One Automation Platform (Formerly SureTriggers) <= 1.0.82 - Unauthenticated Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"965dce53-2865-4179-9505-a64e4db1d1fd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/965dce53-2865-4179-9505-a64e4db1d1fd?source=api-prod","cve":"CVE-2025-27007","affectedVersions":"<=1.0.82","severity":"critical"},{"advisoryId":"WPSECADV/WF/ab19f7b1-2b1e-43bc-9843-ddee0fc74f50/suretriggers","title":"SureTriggers – Connect All Your Plugins, Apps, Tools & Automate Everything! <= 1.0.46 - Authenticated (Contributor+) Stored Cross-Site Scripting via Trigger Link Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-03 18:02:24","sources":[{"name":"Wordfence","remoteId":"ab19f7b1-2b1e-43bc-9843-ddee0fc74f50"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ab19f7b1-2b1e-43bc-9843-ddee0fc74f50?source=api-prod","cve":"CVE-2024-5485","affectedVersions":"<=1.0.47","severity":"medium"},{"advisoryId":"WPSECADV/WF/d156f277-88cb-43aa-895c-63684aa1466e/suretriggers","title":"OttoKit <= 1.1.20 - Authenticated (Administrator+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"d156f277-88cb-43aa-895c-63684aa1466e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d156f277-88cb-43aa-895c-63684aa1466e?source=api-prod","cve":"CVE-2026-39479","affectedVersions":"<=1.1.20","severity":"medium"},{"advisoryId":"WPSECADV/WF/ec017311-f150-4a14-a4b4-b5634f574e2b/suretriggers","title":"SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-09 16:19:25","sources":[{"name":"Wordfence","remoteId":"ec017311-f150-4a14-a4b4-b5634f574e2b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ec017311-f150-4a14-a4b4-b5634f574e2b?source=api-prod","cve":"CVE-2025-3102","affectedVersions":"<=1.0.78","severity":"high"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/461211c9-951e-4ccd-abf5-84941290a6a5/suretriggers","title":"SureTriggers <= 1.0.23 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"461211c9-951e-4ccd-abf5-84941290a6a5"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/461211c9-951e-4ccd-abf5-84941290a6a5?source=api-prod","cve":"CVE-2023-49749","affectedVersions":"<=1.0.23","severity":"medium"},{"advisoryId":"WPSECADV/WF/5797e529-5109-49bf-a687-e5bf8f350c8f/suretriggers","title":"OttoKit: All-in-One Automation Platform < 1.1.23 - Unauthenticated SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"5797e529-5109-49bf-a687-e5bf8f350c8f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5797e529-5109-49bf-a687-e5bf8f350c8f?source=api-prod","cve":"CVE-2026-4935","affectedVersions":"<1.1.23","severity":"high"},{"advisoryId":"WPSECADV/WF/965dce53-2865-4179-9505-a64e4db1d1fd/suretriggers","title":"OttoKit: All-in-One Automation Platform (Formerly SureTriggers) <= 1.0.82 - Unauthenticated Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"965dce53-2865-4179-9505-a64e4db1d1fd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/965dce53-2865-4179-9505-a64e4db1d1fd?source=api-prod","cve":"CVE-2025-27007","affectedVersions":"<=1.0.82","severity":"critical"},{"advisoryId":"WPSECADV/WF/ab19f7b1-2b1e-43bc-9843-ddee0fc74f50/suretriggers","title":"SureTriggers – Connect All Your Plugins, Apps, Tools & Automate Everything! <= 1.0.46 - Authenticated (Contributor+) Stored Cross-Site Scripting via Trigger Link Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-03 18:02:24","sources":[{"name":"Wordfence","remoteId":"ab19f7b1-2b1e-43bc-9843-ddee0fc74f50"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ab19f7b1-2b1e-43bc-9843-ddee0fc74f50?source=api-prod","cve":"CVE-2024-5485","affectedVersions":"<=1.0.47","severity":"medium"},{"advisoryId":"WPSECADV/WF/d156f277-88cb-43aa-895c-63684aa1466e/suretriggers","title":"OttoKit <= 1.1.20 - Authenticated (Administrator+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"d156f277-88cb-43aa-895c-63684aa1466e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d156f277-88cb-43aa-895c-63684aa1466e?source=api-prod","cve":"CVE-2026-39479","affectedVersions":"<=1.1.20","severity":"medium"},{"advisoryId":"WPSECADV/WF/ec017311-f150-4a14-a4b4-b5634f574e2b/suretriggers","title":"SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-09 16:19:25","sources":[{"name":"Wordfence","remoteId":"ec017311-f150-4a14-a4b4-b5634f574e2b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ec017311-f150-4a14-a4b4-b5634f574e2b?source=api-prod","cve":"CVE-2025-3102","affectedVersions":"<=1.0.78","severity":"high"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_7461626c65736f6d65811c9dc5_gen.json b/internal/data/assets/plugin_7461626c65736f6d65811c9dc5_gen.json index ab4acdba..4235e13d 100644 --- a/internal/data/assets/plugin_7461626c65736f6d65811c9dc5_gen.json +++ b/internal/data/assets/plugin_7461626c65736f6d65811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/2be770c7-7aa2-430b-981d-5d81fe068bef/tablesome","title":"Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent <= 1.1.32 - Unauthenticated Arbitrary File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-31 00:00:00","sources":[{"name":"Wordfence","remoteId":"2be770c7-7aa2-430b-981d-5d81fe068bef"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2be770c7-7aa2-430b-981d-5d81fe068bef?source=api-prod","cve":"CVE-2025-11499","affectedVersions":"<=1.1.32","severity":"critical"},{"advisoryId":"WPSECADV/WF/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42/tablesome","title":"Freemius SDK <= 2.4.2 - Missing Authorization Checks\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-03-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"39fb0499-9ab4-4a2f-b0db-ece86bcf4d42"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42?source=api-prod","cve":"CVE-2022-4974","affectedVersions":"<0.6.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/49cba28f-43dc-4947-b4bb-8556cc0409ee/tablesome","title":"Table & Contact Form 7 Database – Tablesome <= 1.0.27 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"49cba28f-43dc-4947-b4bb-8556cc0409ee"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/49cba28f-43dc-4947-b4bb-8556cc0409ee?source=api-prod","cve":"CVE-2024-29110","affectedVersions":"<=1.0.27","severity":"medium"},{"advisoryId":"WPSECADV/WF/5253fe2b-040b-417c-b257-0cb59ee5aa6e/tablesome","title":"Freemius SDK <= 2.5.9 - Reflected Cross-Site Scripting via fs_request_get\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"5253fe2b-040b-417c-b257-0cb59ee5aa6e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5253fe2b-040b-417c-b257-0cb59ee5aa6e?source=api-prod","cve":"CVE-2023-33999","affectedVersions":"<=1.0.14","severity":"medium"},{"advisoryId":"WPSECADV/WF/5b680158-0752-46bd-a5bb-343b65c0aeb4/tablesome","title":"Table & Contact Form 7 Database – Tablesome <= 1.0.33 - Unauthenticated Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-07-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"5b680158-0752-46bd-a5bb-343b65c0aeb4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5b680158-0752-46bd-a5bb-343b65c0aeb4?source=api-prod","cve":"CVE-2024-37498","affectedVersions":"<=1.0.33","severity":"medium"},{"advisoryId":"WPSECADV/WF/6f5f6931-aeda-4499-a1a4-9e80f730dad4/tablesome","title":"Tablesome <= 1.1.35.1 - Authenticated (Subscriber+) Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"6f5f6931-aeda-4499-a1a4-9e80f730dad4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6f5f6931-aeda-4499-a1a4-9e80f730dad4?source=api-prod","cve":"CVE-2025-68516","affectedVersions":"<=1.1.35.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/843b569d-d70e-46ae-b8f1-65579f0af333/tablesome","title":"Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent <= 1.2.3 - Authenticated (Subscriber+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"843b569d-d70e-46ae-b8f1-65579f0af333"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/843b569d-d70e-46ae-b8f1-65579f0af333?source=api-prod","cve":"CVE-2026-27373","affectedVersions":"<=1.2.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/8d769308-6273-4ed2-b64a-d9f065de4cce/tablesome","title":"Tablesome <= 1.0.8 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-04-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"8d769308-6273-4ed2-b64a-d9f065de4cce"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8d769308-6273-4ed2-b64a-d9f065de4cce?source=api-prod","cve":"CVE-2023-1890","affectedVersions":"<1.0.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/8e96b53e-218e-416e-8910-940ed2093f0f/tablesome","title":"Tablesome <= 1.2.2 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"8e96b53e-218e-416e-8910-940ed2093f0f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8e96b53e-218e-416e-8910-940ed2093f0f?source=api-prod","cve":"CVE-2026-24524","affectedVersions":"<=1.2.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/915f81ec-8b48-4036-90c6-9a1c31febfdd/tablesome","title":"Tablesome <= 1.1.35.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"915f81ec-8b48-4036-90c6-9a1c31febfdd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/915f81ec-8b48-4036-90c6-9a1c31febfdd?source=api-prod","cve":"CVE-2025-68517","affectedVersions":"<=1.1.35.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/9efb88e2-381f-4e26-80bb-1b034ffc1c91/tablesome","title":"Table & Contact Form 7 Database – Tablesome <= 1.0.25 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"9efb88e2-381f-4e26-80bb-1b034ffc1c91"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9efb88e2-381f-4e26-80bb-1b034ffc1c91?source=api-prod","cve":"CVE-2024-31388","affectedVersions":"<=1.0.25","severity":"medium"},{"advisoryId":"WPSECADV/WF/a22b2724-2541-4345-bd42-e8a5844f3f0a/tablesome","title":"Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent 0.5.4 - 1.2.1 - Missing Authorization to Authenticated (Subscriber+) Information Exposure and Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"a22b2724-2541-4345-bd42-e8a5844f3f0a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a22b2724-2541-4345-bd42-e8a5844f3f0a?source=api-prod","cve":"CVE-2025-12845","affectedVersions":">=0.5.4,<=1.2.1","severity":"high"},{"advisoryId":"WPSECADV/WF/b03409ee-37bd-4c61-8a74-11fedac1d10f/tablesome","title":"Tablesome <= 1.1.34 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"b03409ee-37bd-4c61-8a74-11fedac1d10f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b03409ee-37bd-4c61-8a74-11fedac1d10f?source=api-prod","cve":"CVE-2025-66526","affectedVersions":"<=1.1.34","severity":"medium"},{"advisoryId":"WPSECADV/WF/d694491c-c0f5-4418-805a-db792ea4f712/tablesome","title":"Freemius <= 2.10.1 - Reflected DOM-Based Cross-Site Scripting via url Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-30 17:17:30","sources":[{"name":"Wordfence","remoteId":"d694491c-c0f5-4418-805a-db792ea4f712"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d694491c-c0f5-4418-805a-db792ea4f712?source=api-prod","cve":"CVE-2024-13362","affectedVersions":"<=1.1.13","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/2be770c7-7aa2-430b-981d-5d81fe068bef/tablesome","title":"Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent <= 1.1.32 - Unauthenticated Arbitrary File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-31 00:00:00","sources":[{"name":"Wordfence","remoteId":"2be770c7-7aa2-430b-981d-5d81fe068bef"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2be770c7-7aa2-430b-981d-5d81fe068bef?source=api-prod","cve":"CVE-2025-11499","affectedVersions":"<=1.1.32","severity":"critical"},{"advisoryId":"WPSECADV/WF/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42/tablesome","title":"Freemius SDK <= 2.4.2 - Missing Authorization Checks\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-03-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"39fb0499-9ab4-4a2f-b0db-ece86bcf4d42"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42?source=api-prod","cve":"CVE-2022-4974","affectedVersions":"<0.6.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/49cba28f-43dc-4947-b4bb-8556cc0409ee/tablesome","title":"Table & Contact Form 7 Database – Tablesome <= 1.0.27 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"49cba28f-43dc-4947-b4bb-8556cc0409ee"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/49cba28f-43dc-4947-b4bb-8556cc0409ee?source=api-prod","cve":"CVE-2024-29110","affectedVersions":"<=1.0.27","severity":"medium"},{"advisoryId":"WPSECADV/WF/5253fe2b-040b-417c-b257-0cb59ee5aa6e/tablesome","title":"Freemius SDK <= 2.5.9 - Reflected Cross-Site Scripting via fs_request_get\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"5253fe2b-040b-417c-b257-0cb59ee5aa6e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5253fe2b-040b-417c-b257-0cb59ee5aa6e?source=api-prod","cve":"CVE-2023-33999","affectedVersions":"<=1.0.14","severity":"medium"},{"advisoryId":"WPSECADV/WF/5b680158-0752-46bd-a5bb-343b65c0aeb4/tablesome","title":"Table & Contact Form 7 Database – Tablesome <= 1.0.33 - Unauthenticated Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-07-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"5b680158-0752-46bd-a5bb-343b65c0aeb4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5b680158-0752-46bd-a5bb-343b65c0aeb4?source=api-prod","cve":"CVE-2024-37498","affectedVersions":"<=1.0.33","severity":"medium"},{"advisoryId":"WPSECADV/WF/6f5f6931-aeda-4499-a1a4-9e80f730dad4/tablesome","title":"Tablesome <= 1.1.35.1 - Authenticated (Subscriber+) Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"6f5f6931-aeda-4499-a1a4-9e80f730dad4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6f5f6931-aeda-4499-a1a4-9e80f730dad4?source=api-prod","cve":"CVE-2025-68516","affectedVersions":"<=1.1.35.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/843b569d-d70e-46ae-b8f1-65579f0af333/tablesome","title":"Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent <= 1.2.3 - Authenticated (Subscriber+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"843b569d-d70e-46ae-b8f1-65579f0af333"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/843b569d-d70e-46ae-b8f1-65579f0af333?source=api-prod","cve":"CVE-2026-27373","affectedVersions":"<=1.2.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/8d769308-6273-4ed2-b64a-d9f065de4cce/tablesome","title":"Tablesome <= 1.0.8 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-04-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"8d769308-6273-4ed2-b64a-d9f065de4cce"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8d769308-6273-4ed2-b64a-d9f065de4cce?source=api-prod","cve":"CVE-2023-1890","affectedVersions":"<1.0.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/8e96b53e-218e-416e-8910-940ed2093f0f/tablesome","title":"Tablesome <= 1.2.8 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"8e96b53e-218e-416e-8910-940ed2093f0f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8e96b53e-218e-416e-8910-940ed2093f0f?source=api-prod","cve":"CVE-2026-24524","affectedVersions":"<=1.2.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/915f81ec-8b48-4036-90c6-9a1c31febfdd/tablesome","title":"Tablesome <= 1.1.35.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"915f81ec-8b48-4036-90c6-9a1c31febfdd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/915f81ec-8b48-4036-90c6-9a1c31febfdd?source=api-prod","cve":"CVE-2025-68517","affectedVersions":"<=1.1.35.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/9efb88e2-381f-4e26-80bb-1b034ffc1c91/tablesome","title":"Table & Contact Form 7 Database – Tablesome <= 1.0.25 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"9efb88e2-381f-4e26-80bb-1b034ffc1c91"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9efb88e2-381f-4e26-80bb-1b034ffc1c91?source=api-prod","cve":"CVE-2024-31388","affectedVersions":"<=1.0.25","severity":"medium"},{"advisoryId":"WPSECADV/WF/a22b2724-2541-4345-bd42-e8a5844f3f0a/tablesome","title":"Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent 0.5.4 - 1.2.1 - Missing Authorization to Authenticated (Subscriber+) Information Exposure and Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"a22b2724-2541-4345-bd42-e8a5844f3f0a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a22b2724-2541-4345-bd42-e8a5844f3f0a?source=api-prod","cve":"CVE-2025-12845","affectedVersions":">=0.5.4,<=1.2.1","severity":"high"},{"advisoryId":"WPSECADV/WF/b03409ee-37bd-4c61-8a74-11fedac1d10f/tablesome","title":"Tablesome <= 1.1.34 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"b03409ee-37bd-4c61-8a74-11fedac1d10f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b03409ee-37bd-4c61-8a74-11fedac1d10f?source=api-prod","cve":"CVE-2025-66526","affectedVersions":"<=1.1.34","severity":"medium"},{"advisoryId":"WPSECADV/WF/d694491c-c0f5-4418-805a-db792ea4f712/tablesome","title":"Freemius <= 2.10.1 - Reflected DOM-Based Cross-Site Scripting via url Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-30 17:17:30","sources":[{"name":"Wordfence","remoteId":"d694491c-c0f5-4418-805a-db792ea4f712"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d694491c-c0f5-4418-805a-db792ea4f712?source=api-prod","cve":"CVE-2024-13362","affectedVersions":"<=1.1.13","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_7465616d2d73686f77636173652d73757072656d65811c9dc5_gen.json b/internal/data/assets/plugin_7465616d2d73686f77636173652d73757072656d65811c9dc5_gen.json index 29e38671..a546ca17 100644 --- a/internal/data/assets/plugin_7465616d2d73686f77636173652d73757072656d65811c9dc5_gen.json +++ b/internal/data/assets/plugin_7465616d2d73686f77636173652d73757072656d65811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/353d22c5-dee1-485f-ae66-e9c7afe3ad8e/team-showcase-supreme","title":"Team Member <= 4.4 - Authenticated (Editor+) Stored Cross-Site Scripting via new_style_name\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-03-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"353d22c5-dee1-485f-ae66-e9c7afe3ad8e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/353d22c5-dee1-485f-ae66-e9c7afe3ad8e?source=api-prod","cve":"CVE-2023-23647","affectedVersions":"<=4.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/bc5cd81b-3182-45fb-a93a-471ecf770e42/team-showcase-supreme","title":"Team Member <= 7.4 - Authenticated (Editor+) Local File Inclusion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"bc5cd81b-3182-45fb-a93a-471ecf770e42"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bc5cd81b-3182-45fb-a93a-471ecf770e42?source=api-prod","cve":"CVE-2024-52385","affectedVersions":"<=7.4","severity":"high"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/353d22c5-dee1-485f-ae66-e9c7afe3ad8e/team-showcase-supreme","title":"Team Member <= 4.4 - Authenticated (Editor+) Stored Cross-Site Scripting via new_style_name\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-03-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"353d22c5-dee1-485f-ae66-e9c7afe3ad8e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/353d22c5-dee1-485f-ae66-e9c7afe3ad8e?source=api-prod","cve":"CVE-2023-23647","affectedVersions":"<=4.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/7633b5fb-e382-4d72-b23b-ce21f2d207cb/team-showcase-supreme","title":"Team Members – Multi Language Supported Team Plugin <= 8.5 - Authenticated (Editor+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"7633b5fb-e382-4d72-b23b-ce21f2d207cb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7633b5fb-e382-4d72-b23b-ce21f2d207cb?source=api-prod","cve":"CVE-2025-68060","affectedVersions":"<=8.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/bc5cd81b-3182-45fb-a93a-471ecf770e42/team-showcase-supreme","title":"Team Member <= 7.4 - Authenticated (Editor+) Local File Inclusion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"bc5cd81b-3182-45fb-a93a-471ecf770e42"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bc5cd81b-3182-45fb-a93a-471ecf770e42?source=api-prod","cve":"CVE-2024-52385","affectedVersions":"<=7.4","severity":"high"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_7472757374792d77686973746c65626c6f77696e672d736f6c7574696f6e811c9dc5_gen.json b/internal/data/assets/plugin_7472757374792d77686973746c65626c6f77696e672d736f6c7574696f6e811c9dc5_gen.json index cd367edb..dfb07578 100644 --- a/internal/data/assets/plugin_7472757374792d77686973746c65626c6f77696e672d736f6c7574696f6e811c9dc5_gen.json +++ b/internal/data/assets/plugin_7472757374792d77686973746c65626c6f77696e672d736f6c7574696f6e811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/cb8fdb10-7b7f-4ba7-a324-5daeb872498e/trusty-whistleblowing-solution","title":"Trusty Whistleblowing <= 1.5.2 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-06-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"cb8fdb10-7b7f-4ba7-a324-5daeb872498e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cb8fdb10-7b7f-4ba7-a324-5daeb872498e?source=api-prod","cve":"CVE-2025-52818","affectedVersions":"<=1.5.2","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/cb8fdb10-7b7f-4ba7-a324-5daeb872498e/trusty-whistleblowing-solution","title":"Trusty Whistleblowing <= 2.0.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-06-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"cb8fdb10-7b7f-4ba7-a324-5daeb872498e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cb8fdb10-7b7f-4ba7-a324-5daeb872498e?source=api-prod","cve":"CVE-2025-52818","affectedVersions":"<=2.0.1","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_77656e2d6c6f676f2d736c69646572811c9dc5_gen.json b/internal/data/assets/plugin_77656e2d6c6f676f2d736c69646572811c9dc5_gen.json new file mode 100644 index 00000000..e2919ee2 --- /dev/null +++ b/internal/data/assets/plugin_77656e2d6c6f676f2d736c69646572811c9dc5_gen.json @@ -0,0 +1 @@ +[{"advisoryId":"WPSECADV/WF/d11295b5-0847-4c71-92fa-c35ba7fe7078/wen-logo-slider","title":"WEN Logo Slider <= 3.4.0 - Authenticated (Author+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"d11295b5-0847-4c71-92fa-c35ba7fe7078"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d11295b5-0847-4c71-92fa-c35ba7fe7078?source=api-prod","cve":"CVE-2025-62127","affectedVersions":"<=3.4.0","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_776f6f2d62756c6b2d656469746f72811c9dc5_gen.json b/internal/data/assets/plugin_776f6f2d62756c6b2d656469746f72811c9dc5_gen.json index 2d254ea3..ced1fb06 100644 --- a/internal/data/assets/plugin_776f6f2d62756c6b2d656469746f72811c9dc5_gen.json +++ b/internal/data/assets/plugin_776f6f2d62756c6b2d656469746f72811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/12188a74-b1a6-4aa4-88b4-2d0d0dd32916/woo-bulk-editor","title":"BEAR <= 1.1.4.1 & WOLF <= 1.0.8.1 - Cross-Site Request Forgery to Notice Dismissal\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"12188a74-b1a6-4aa4-88b4-2d0d0dd32916"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/12188a74-b1a6-4aa4-88b4-2d0d0dd32916?source=api-prod","cve":"CVE-2024-31430","affectedVersions":"<=1.1.4.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/1e4e8960-b0c1-4dbb-ba97-e45b88fb06c0/woo-bulk-editor","title":"BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.5 - Cross-Site Request Forgery to Taxonomy Term Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"1e4e8960-b0c1-4dbb-ba97-e45b88fb06c0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1e4e8960-b0c1-4dbb-ba97-e45b88fb06c0?source=api-prod","cve":"CVE-2026-1673","affectedVersions":"<=1.1.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/26d8b75b-befa-4c6a-b072-0da44e437174/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"26d8b75b-befa-4c6a-b072-0da44e437174"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/26d8b75b-befa-4c6a-b072-0da44e437174?source=api-prod","cve":"CVE-2023-4942","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/2d10475f-83dd-4e59-83e4-aeaa72a22b96/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"2d10475f-83dd-4e59-83e4-aeaa72a22b96"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2d10475f-83dd-4e59-83e4-aeaa72a22b96?source=api-prod","cve":"CVE-2023-4943","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/2df8570b-c1a2-4a1b-b4d4-fe7a75eb05b6/woo-bulk-editor","title":"BEAR <= 1.1.4.3 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"2df8570b-c1a2-4a1b-b4d4-fe7a75eb05b6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2df8570b-c1a2-4a1b-b4d4-fe7a75eb05b6?source=api-prod","cve":"CVE-2024-30463","affectedVersions":"<=1.1.4.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/2f14b0b9-6ccd-4f53-b015-e8537127b909/woo-bulk-editor","title":"BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.4.2 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"2f14b0b9-6ccd-4f53-b015-e8537127b909"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2f14b0b9-6ccd-4f53-b015-e8537127b909?source=api-prod","cve":"CVE-2024-30200","affectedVersions":"<=1.1.4.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/31c5e524-ef4d-48c7-baa0-595f8060a167/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"31c5e524-ef4d-48c7-baa0-595f8060a167"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/31c5e524-ef4d-48c7-baa0-595f8060a167?source=api-prod","cve":"CVE-2023-4940","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/32682598-ad1c-4aa1-bdf2-a7966a4d1dbe/woo-bulk-editor","title":"BEAR <= 1.1.4 - Authenticated (Shop manager+) Stored Cross-Site Scripting via Plugin Options\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"32682598-ad1c-4aa1-bdf2-a7966a4d1dbe"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/32682598-ad1c-4aa1-bdf2-a7966a4d1dbe?source=api-prod","cve":"CVE-2024-24834","affectedVersions":"<=1.1.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/40bf51bf-efb2-4504-815b-4681d1078f77/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"40bf51bf-efb2-4504-815b-4681d1078f77"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/40bf51bf-efb2-4504-815b-4681d1078f77?source=api-prod","cve":"CVE-2023-4937","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/411b7889-c2c6-48cb-967d-091585705e17/woo-bulk-editor","title":"BEAR <= 1.1.4 - Missing Authorization via Several Functions\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"411b7889-c2c6-48cb-967d-091585705e17"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/411b7889-c2c6-48cb-967d-091585705e17?source=api-prod","cve":"CVE-2024-24835","affectedVersions":"<=1.1.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/4ef11b08-534b-47eb-989c-7cc1c8853fb8/woo-bulk-editor","title":"BEAR <= 1.1.4.4 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-02-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"4ef11b08-534b-47eb-989c-7cc1c8853fb8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4ef11b08-534b-47eb-989c-7cc1c8853fb8?source=api-prod","cve":"CVE-2025-26775","affectedVersions":"<=1.1.4.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/58d25eeb-b12c-4850-8308-eaa30982b5a8/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"58d25eeb-b12c-4850-8308-eaa30982b5a8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/58d25eeb-b12c-4850-8308-eaa30982b5a8?source=api-prod","cve":"CVE-2023-4920","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/639f3941-7783-4500-aca4-5e8155db6460/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Profile Creation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"639f3941-7783-4500-aca4-5e8155db6460"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/639f3941-7783-4500-aca4-5e8155db6460?source=api-prod","cve":"CVE-2023-4935","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/7a4db03d-ec40-4145-aa95-fee78bda5205/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"7a4db03d-ec40-4145-aa95-fee78bda5205"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7a4db03d-ec40-4145-aa95-fee78bda5205?source=api-prod","cve":"CVE-2023-4923","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/7dfd0246-4265-4dde-8a1e-18b7042eae74/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Missing Authorization to Product Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"7dfd0246-4265-4dde-8a1e-18b7042eae74"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7dfd0246-4265-4dde-8a1e-18b7042eae74?source=api-prod","cve":"CVE-2023-4924","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/a7e3818c-883f-4633-a460-a8c0446edffc/woo-bulk-editor","title":"BEAR <= 1.1.3.1 - Cross-Site Request Forgery via Multiple Functions\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-05-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"a7e3818c-883f-4633-a460-a8c0446edffc"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a7e3818c-883f-4633-a460-a8c0446edffc?source=api-prod","cve":"CVE-2023-33314","affectedVersions":"<=1.1.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/ab633506-63a1-4be1-b402-c7f0bcc4ea7a/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"ab633506-63a1-4be1-b402-c7f0bcc4ea7a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ab633506-63a1-4be1-b402-c7f0bcc4ea7a?source=api-prod","cve":"CVE-2023-4926","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/bc20f303-cac3-4517-9c45-153c410a13af/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"bc20f303-cac3-4517-9c45-153c410a13af"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bc20f303-cac3-4517-9c45-153c410a13af?source=api-prod","cve":"CVE-2023-4941","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/bc3b5faa-1a29-4fa7-9146-d782adce0b1f/woo-bulk-editor","title":"BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.5 - Cross-Site Request Forgery to Product Data Modification\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"bc3b5faa-1a29-4fa7-9146-d782adce0b1f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bc3b5faa-1a29-4fa7-9146-d782adce0b1f?source=api-prod","cve":"CVE-2026-1672","affectedVersions":"<=1.1.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/c045b31f-b4d6-470e-8f93-36eb70bb75f8/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Profile Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"c045b31f-b4d6-470e-8f93-36eb70bb75f8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c045b31f-b4d6-470e-8f93-36eb70bb75f8?source=api-prod","cve":"CVE-2023-4935","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/c42f56a2-b9f9-40ef-86ad-fea6cf2e29f8/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"c42f56a2-b9f9-40ef-86ad-fea6cf2e29f8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c42f56a2-b9f9-40ef-86ad-fea6cf2e29f8?source=api-prod","cve":"CVE-2023-4938","affectedVersions":"<=1.1.3.3","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/12188a74-b1a6-4aa4-88b4-2d0d0dd32916/woo-bulk-editor","title":"BEAR <= 1.1.4.1 & WOLF <= 1.0.8.1 - Cross-Site Request Forgery to Notice Dismissal\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"12188a74-b1a6-4aa4-88b4-2d0d0dd32916"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/12188a74-b1a6-4aa4-88b4-2d0d0dd32916?source=api-prod","cve":"CVE-2024-31430","affectedVersions":"<=1.1.4.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/1e4e8960-b0c1-4dbb-ba97-e45b88fb06c0/woo-bulk-editor","title":"BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.5 - Cross-Site Request Forgery to Taxonomy Term Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"1e4e8960-b0c1-4dbb-ba97-e45b88fb06c0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1e4e8960-b0c1-4dbb-ba97-e45b88fb06c0?source=api-prod","cve":"CVE-2026-1673","affectedVersions":"<=1.1.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/26d8b75b-befa-4c6a-b072-0da44e437174/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"26d8b75b-befa-4c6a-b072-0da44e437174"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/26d8b75b-befa-4c6a-b072-0da44e437174?source=api-prod","cve":"CVE-2023-4942","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/2d10475f-83dd-4e59-83e4-aeaa72a22b96/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"2d10475f-83dd-4e59-83e4-aeaa72a22b96"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2d10475f-83dd-4e59-83e4-aeaa72a22b96?source=api-prod","cve":"CVE-2023-4943","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/2df8570b-c1a2-4a1b-b4d4-fe7a75eb05b6/woo-bulk-editor","title":"BEAR <= 1.1.4.3 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"2df8570b-c1a2-4a1b-b4d4-fe7a75eb05b6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2df8570b-c1a2-4a1b-b4d4-fe7a75eb05b6?source=api-prod","cve":"CVE-2024-30463","affectedVersions":"<=1.1.4.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/2f14b0b9-6ccd-4f53-b015-e8537127b909/woo-bulk-editor","title":"BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.4.2 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"2f14b0b9-6ccd-4f53-b015-e8537127b909"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2f14b0b9-6ccd-4f53-b015-e8537127b909?source=api-prod","cve":"CVE-2024-30200","affectedVersions":"<=1.1.4.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/31c5e524-ef4d-48c7-baa0-595f8060a167/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"31c5e524-ef4d-48c7-baa0-595f8060a167"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/31c5e524-ef4d-48c7-baa0-595f8060a167?source=api-prod","cve":"CVE-2023-4940","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/32682598-ad1c-4aa1-bdf2-a7966a4d1dbe/woo-bulk-editor","title":"BEAR <= 1.1.4 - Authenticated (Shop manager+) Stored Cross-Site Scripting via Plugin Options\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"32682598-ad1c-4aa1-bdf2-a7966a4d1dbe"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/32682598-ad1c-4aa1-bdf2-a7966a4d1dbe?source=api-prod","cve":"CVE-2024-24834","affectedVersions":"<=1.1.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/40bf51bf-efb2-4504-815b-4681d1078f77/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"40bf51bf-efb2-4504-815b-4681d1078f77"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/40bf51bf-efb2-4504-815b-4681d1078f77?source=api-prod","cve":"CVE-2023-4937","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/411b7889-c2c6-48cb-967d-091585705e17/woo-bulk-editor","title":"BEAR <= 1.1.4 - Missing Authorization via Several Functions\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"411b7889-c2c6-48cb-967d-091585705e17"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/411b7889-c2c6-48cb-967d-091585705e17?source=api-prod","cve":"CVE-2024-24835","affectedVersions":"<=1.1.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/4ef11b08-534b-47eb-989c-7cc1c8853fb8/woo-bulk-editor","title":"BEAR <= 1.1.4.4 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-02-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"4ef11b08-534b-47eb-989c-7cc1c8853fb8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4ef11b08-534b-47eb-989c-7cc1c8853fb8?source=api-prod","cve":"CVE-2025-26775","affectedVersions":"<=1.1.4.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/58d25eeb-b12c-4850-8308-eaa30982b5a8/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"58d25eeb-b12c-4850-8308-eaa30982b5a8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/58d25eeb-b12c-4850-8308-eaa30982b5a8?source=api-prod","cve":"CVE-2023-4920","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/639f3941-7783-4500-aca4-5e8155db6460/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Profile Creation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"639f3941-7783-4500-aca4-5e8155db6460"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/639f3941-7783-4500-aca4-5e8155db6460?source=api-prod","cve":"CVE-2023-4935","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/7a4db03d-ec40-4145-aa95-fee78bda5205/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"7a4db03d-ec40-4145-aa95-fee78bda5205"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7a4db03d-ec40-4145-aa95-fee78bda5205?source=api-prod","cve":"CVE-2023-4923","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/7dfd0246-4265-4dde-8a1e-18b7042eae74/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Missing Authorization to Product Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"7dfd0246-4265-4dde-8a1e-18b7042eae74"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7dfd0246-4265-4dde-8a1e-18b7042eae74?source=api-prod","cve":"CVE-2023-4924","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/9634fbea-7562-43c4-bde9-03e762ce01a1/woo-bulk-editor","title":"BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.5 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"9634fbea-7562-43c4-bde9-03e762ce01a1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9634fbea-7562-43c4-bde9-03e762ce01a1?source=api-prod","cve":"CVE-2026-27415","affectedVersions":"<=1.1.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/a7e3818c-883f-4633-a460-a8c0446edffc/woo-bulk-editor","title":"BEAR <= 1.1.3.1 - Cross-Site Request Forgery via Multiple Functions\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-05-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"a7e3818c-883f-4633-a460-a8c0446edffc"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a7e3818c-883f-4633-a460-a8c0446edffc?source=api-prod","cve":"CVE-2023-33314","affectedVersions":"<=1.1.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/ab633506-63a1-4be1-b402-c7f0bcc4ea7a/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"ab633506-63a1-4be1-b402-c7f0bcc4ea7a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ab633506-63a1-4be1-b402-c7f0bcc4ea7a?source=api-prod","cve":"CVE-2023-4926","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/bc20f303-cac3-4517-9c45-153c410a13af/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"bc20f303-cac3-4517-9c45-153c410a13af"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bc20f303-cac3-4517-9c45-153c410a13af?source=api-prod","cve":"CVE-2023-4941","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/bc3b5faa-1a29-4fa7-9146-d782adce0b1f/woo-bulk-editor","title":"BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.5 - Cross-Site Request Forgery to Product Data Modification\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"bc3b5faa-1a29-4fa7-9146-d782adce0b1f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bc3b5faa-1a29-4fa7-9146-d782adce0b1f?source=api-prod","cve":"CVE-2026-1672","affectedVersions":"<=1.1.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/c045b31f-b4d6-470e-8f93-36eb70bb75f8/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Profile Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"c045b31f-b4d6-470e-8f93-36eb70bb75f8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c045b31f-b4d6-470e-8f93-36eb70bb75f8?source=api-prod","cve":"CVE-2023-4935","affectedVersions":"<=1.1.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/c42f56a2-b9f9-40ef-86ad-fea6cf2e29f8/woo-bulk-editor","title":"BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-25 00:00:00","sources":[{"name":"Wordfence","remoteId":"c42f56a2-b9f9-40ef-86ad-fea6cf2e29f8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c42f56a2-b9f9-40ef-86ad-fea6cf2e29f8?source=api-prod","cve":"CVE-2023-4938","affectedVersions":"<=1.1.3.3","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_77702d627573696e6573732d696e74656c6c6967656e63652d6c697465811c9dc5_gen.json b/internal/data/assets/plugin_77702d627573696e6573732d696e74656c6c6967656e63652d6c697465811c9dc5_gen.json index 05c09ebb..c1033429 100644 --- a/internal/data/assets/plugin_77702d627573696e6573732d696e74656c6c6967656e63652d6c697465811c9dc5_gen.json +++ b/internal/data/assets/plugin_77702d627573696e6573732d696e74656c6c6967656e63652d6c697465811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/a7e35f18-7659-4b97-b99f-b57ac941cb22/wp-business-intelligence-lite","title":"WP Business Intelligence Lite <= 3.2.0 - Authenticated (Subscriber+) Missing Authorization to Privilege Escalation via Arbitrary SQL Modification\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-04 14:06:15","sources":[{"name":"Wordfence","remoteId":"a7e35f18-7659-4b97-b99f-b57ac941cb22"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a7e35f18-7659-4b97-b99f-b57ac941cb22?source=api-prod","affectedVersions":"<=3.2.0","severity":"high"},{"advisoryId":"WPSECADV/WF/e7eb6137-5c03-4f73-a478-c1c18ee91fba/wp-business-intelligence-lite","title":"WP Business Intelligence Lite <= 1.6.2 - SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2015-04-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"e7eb6137-5c03-4f73-a478-c1c18ee91fba"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e7eb6137-5c03-4f73-a478-c1c18ee91fba?source=api-prod","cve":"CVE-2015-9326","affectedVersions":"<=1.6.2","severity":"critical"},{"advisoryId":"WPSECADV/WF/ee8ad691-b598-4eeb-b8a7-645c3bd968ff/wp-business-intelligence-lite","title":"WP Business intelligence lite < 1.3 - Arbitrary File Upload\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2014-03-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"ee8ad691-b598-4eeb-b8a7-645c3bd968ff"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ee8ad691-b598-4eeb-b8a7-645c3bd968ff?source=api-prod","affectedVersions":"<1.3","severity":"critical"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/a7e35f18-7659-4b97-b99f-b57ac941cb22/wp-business-intelligence-lite","title":"WP Business Intelligence Lite <= 3.2.0 - Authenticated (Subscriber+) Missing Authorization to Privilege Escalation via Arbitrary SQL Modification\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-04 14:06:15","sources":[{"name":"Wordfence","remoteId":"a7e35f18-7659-4b97-b99f-b57ac941cb22"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a7e35f18-7659-4b97-b99f-b57ac941cb22?source=api-prod","affectedVersions":"<=3.2.0","severity":"high"},{"advisoryId":"WPSECADV/WF/b1971bb8-fb24-40f6-bbd8-60b5dc1f0822/wp-business-intelligence-lite","title":"WP Business Intelligence Lite <= 3.2.0 - Missing Authorization\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"b1971bb8-fb24-40f6-bbd8-60b5dc1f0822"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b1971bb8-fb24-40f6-bbd8-60b5dc1f0822?source=api-prod","affectedVersions":"<=3.2.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/e7eb6137-5c03-4f73-a478-c1c18ee91fba/wp-business-intelligence-lite","title":"WP Business Intelligence Lite <= 1.6.2 - SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2015-04-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"e7eb6137-5c03-4f73-a478-c1c18ee91fba"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e7eb6137-5c03-4f73-a478-c1c18ee91fba?source=api-prod","cve":"CVE-2015-9326","affectedVersions":"<=1.6.2","severity":"critical"},{"advisoryId":"WPSECADV/WF/ee8ad691-b598-4eeb-b8a7-645c3bd968ff/wp-business-intelligence-lite","title":"WP Business intelligence lite < 1.3 - Arbitrary File Upload\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2014-03-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"ee8ad691-b598-4eeb-b8a7-645c3bd968ff"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ee8ad691-b598-4eeb-b8a7-645c3bd968ff?source=api-prod","affectedVersions":"<1.3","severity":"critical"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_77702d646174612d616363657373811c9dc5_gen.json b/internal/data/assets/plugin_77702d646174612d616363657373811c9dc5_gen.json index 58a79252..8b73941e 100644 --- a/internal/data/assets/plugin_77702d646174612d616363657373811c9dc5_gen.json +++ b/internal/data/assets/plugin_77702d646174612d616363657373811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42/wp-data-access","title":"Freemius SDK <= 2.4.2 - Missing Authorization Checks\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-03-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"39fb0499-9ab4-4a2f-b0db-ece86bcf4d42"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42?source=api-prod","cve":"CVE-2022-4974","affectedVersions":"<5.1.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/7cb9cc24-920f-402d-8a87-8b6c6a1b1a51/wp-data-access","title":"WP Data Access <= 4.3.1 - Admin+ SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-11-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"7cb9cc24-920f-402d-8a87-8b6c6a1b1a51"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7cb9cc24-920f-402d-8a87-8b6c6a1b1a51?source=api-prod","cve":"CVE-2021-24866","affectedVersions":"<=4.3.1","severity":"high"},{"advisoryId":"WPSECADV/WF/85a33508-71f2-4aa1-8d51-667eb0690fbd/wp-data-access","title":"WP Data Access <= 5.5.7 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"85a33508-71f2-4aa1-8d51-667eb0690fbd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/85a33508-71f2-4aa1-8d51-667eb0690fbd?source=api-prod","cve":"CVE-2024-43295","affectedVersions":"<=5.5.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/8f562e33-2aef-46f0-8a65-691155ede9e7/wp-data-access","title":"WP Data Access <= 5.3.7 - Authenticated (Subscriber+) Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-04-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"8f562e33-2aef-46f0-8a65-691155ede9e7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8f562e33-2aef-46f0-8a65-691155ede9e7?source=api-prod","cve":"CVE-2023-1874","affectedVersions":"<=5.3.7","severity":"high"},{"advisoryId":"WPSECADV/WF/97ddb0e9-1bb8-48ed-9fa3-d2b5f260263b/wp-data-access","title":"WP Data Access <= 5.5.63 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpda_app' Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-13 18:19:08","sources":[{"name":"Wordfence","remoteId":"97ddb0e9-1bb8-48ed-9fa3-d2b5f260263b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/97ddb0e9-1bb8-48ed-9fa3-d2b5f260263b?source=api-prod","cve":"CVE-2026-0557","affectedVersions":"<=5.5.63","severity":"medium"},{"advisoryId":"WPSECADV/WF/a1708d6e-14f5-418f-81eb-f9269159b5b1/wp-data-access","title":"WP Data Access – App, Table, Form and Chart Builder plugin <= 5.5.22 - Unauthenticated SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-12-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"a1708d6e-14f5-418f-81eb-f9269159b5b1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a1708d6e-14f5-418f-81eb-f9269159b5b1?source=api-prod","cve":"CVE-2024-12428","affectedVersions":"<=5.5.22","severity":"high"},{"advisoryId":"WPSECADV/WF/d694491c-c0f5-4418-805a-db792ea4f712/wp-data-access","title":"Freemius <= 2.10.1 - Reflected DOM-Based Cross-Site Scripting via url Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-30 17:17:30","sources":[{"name":"Wordfence","remoteId":"d694491c-c0f5-4418-805a-db792ea4f712"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d694491c-c0f5-4418-805a-db792ea4f712?source=api-prod","cve":"CVE-2024-13362","affectedVersions":"<=5.5.31","severity":"medium"},{"advisoryId":"WPSECADV/WF/e8260829-49a6-4ec0-8771-25d1cce8cc8c/wp-data-access","title":"WP Data Access <= 5.5.36 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"e8260829-49a6-4ec0-8771-25d1cce8cc8c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e8260829-49a6-4ec0-8771-25d1cce8cc8c?source=api-prod","cve":"CVE-2025-39582","affectedVersions":"<=5.5.36","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42/wp-data-access","title":"Freemius SDK <= 2.4.2 - Missing Authorization Checks\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-03-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"39fb0499-9ab4-4a2f-b0db-ece86bcf4d42"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42?source=api-prod","cve":"CVE-2022-4974","affectedVersions":"<5.1.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/53ee7062-85f9-4d12-a432-f373fc25bab6/wp-data-access","title":"WP Data Access – App Builder for Tables, Forms, Charts, Maps & Dashboards <= 5.5.70 - Unauthenticated SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"53ee7062-85f9-4d12-a432-f373fc25bab6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/53ee7062-85f9-4d12-a432-f373fc25bab6?source=api-prod","cve":"CVE-2026-42665","affectedVersions":"<=5.5.70","severity":"high"},{"advisoryId":"WPSECADV/WF/7cb9cc24-920f-402d-8a87-8b6c6a1b1a51/wp-data-access","title":"WP Data Access <= 4.3.1 - Admin+ SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-11-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"7cb9cc24-920f-402d-8a87-8b6c6a1b1a51"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7cb9cc24-920f-402d-8a87-8b6c6a1b1a51?source=api-prod","cve":"CVE-2021-24866","affectedVersions":"<=4.3.1","severity":"high"},{"advisoryId":"WPSECADV/WF/85a33508-71f2-4aa1-8d51-667eb0690fbd/wp-data-access","title":"WP Data Access <= 5.5.7 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"85a33508-71f2-4aa1-8d51-667eb0690fbd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/85a33508-71f2-4aa1-8d51-667eb0690fbd?source=api-prod","cve":"CVE-2024-43295","affectedVersions":"<=5.5.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/8f562e33-2aef-46f0-8a65-691155ede9e7/wp-data-access","title":"WP Data Access <= 5.3.7 - Authenticated (Subscriber+) Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-04-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"8f562e33-2aef-46f0-8a65-691155ede9e7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8f562e33-2aef-46f0-8a65-691155ede9e7?source=api-prod","cve":"CVE-2023-1874","affectedVersions":"<=5.3.7","severity":"high"},{"advisoryId":"WPSECADV/WF/97ddb0e9-1bb8-48ed-9fa3-d2b5f260263b/wp-data-access","title":"WP Data Access <= 5.5.63 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpda_app' Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-13 18:19:08","sources":[{"name":"Wordfence","remoteId":"97ddb0e9-1bb8-48ed-9fa3-d2b5f260263b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/97ddb0e9-1bb8-48ed-9fa3-d2b5f260263b?source=api-prod","cve":"CVE-2026-0557","affectedVersions":"<=5.5.63","severity":"medium"},{"advisoryId":"WPSECADV/WF/a1708d6e-14f5-418f-81eb-f9269159b5b1/wp-data-access","title":"WP Data Access – App, Table, Form and Chart Builder plugin <= 5.5.22 - Unauthenticated SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-12-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"a1708d6e-14f5-418f-81eb-f9269159b5b1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a1708d6e-14f5-418f-81eb-f9269159b5b1?source=api-prod","cve":"CVE-2024-12428","affectedVersions":"<=5.5.22","severity":"high"},{"advisoryId":"WPSECADV/WF/d694491c-c0f5-4418-805a-db792ea4f712/wp-data-access","title":"Freemius <= 2.10.1 - Reflected DOM-Based Cross-Site Scripting via url Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-30 17:17:30","sources":[{"name":"Wordfence","remoteId":"d694491c-c0f5-4418-805a-db792ea4f712"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d694491c-c0f5-4418-805a-db792ea4f712?source=api-prod","cve":"CVE-2024-13362","affectedVersions":"<=5.5.31","severity":"medium"},{"advisoryId":"WPSECADV/WF/e8260829-49a6-4ec0-8771-25d1cce8cc8c/wp-data-access","title":"WP Data Access <= 5.5.36 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"e8260829-49a6-4ec0-8771-25d1cce8cc8c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e8260829-49a6-4ec0-8771-25d1cce8cc8c?source=api-prod","cve":"CVE-2025-39582","affectedVersions":"<=5.5.36","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_77702d6772617068716c811c9dc5_gen.json b/internal/data/assets/plugin_77702d6772617068716c811c9dc5_gen.json index eaa74ff1..05e9a7d0 100644 --- a/internal/data/assets/plugin_77702d6772617068716c811c9dc5_gen.json +++ b/internal/data/assets/plugin_77702d6772617068716c811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/1410ee86-90ec-4913-bc74-d8954d141d72/wp-graphql","title":"WPGraphQL < 2.11.1 - Unauthenticated SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"1410ee86-90ec-4913-bc74-d8954d141d72"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1410ee86-90ec-4913-bc74-d8954d141d72?source=api-prod","cve":"CVE-2026-40762","affectedVersions":"<2.11.1","severity":"high"},{"advisoryId":"WPSECADV/WF/2677128e-6da2-4c5e-a8ee-17c290d72c8a/wp-graphql","title":"WPGraphQL <= 2.9.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"2677128e-6da2-4c5e-a8ee-17c290d72c8a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2677128e-6da2-4c5e-a8ee-17c290d72c8a?source=api-prod","cve":"CVE-2026-33290","affectedVersions":"<=2.9.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/2be9815d-56c6-4574-9b4c-75fff40a148d/wp-graphql","title":"WPGraphQL <= 0.2.3 - Unauthenticated Comment Creation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-05-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"2be9815d-56c6-4574-9b4c-75fff40a148d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2be9815d-56c6-4574-9b4c-75fff40a148d?source=api-prod","cve":"CVE-2019-9881","affectedVersions":"<=0.2.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/38efd6d6-b931-41a7-b55d-b98cdeef4145/wp-graphql","title":"WPGraphQL <= 1.14.5 - Authenticated (Editor+) Server-Side Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-06-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"38efd6d6-b931-41a7-b55d-b98cdeef4145"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/38efd6d6-b931-41a7-b55d-b98cdeef4145?source=api-prod","cve":"CVE-2023-23684","affectedVersions":"<=1.14.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/80e74852-517e-4cd0-a7d3-6f6fe3433bff/wp-graphql","title":"WPGraphQL <= 0.2.3 - Administrative User Creation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-05-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"80e74852-517e-4cd0-a7d3-6f6fe3433bff"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/80e74852-517e-4cd0-a7d3-6f6fe3433bff?source=api-prod","cve":"CVE-2019-9879","affectedVersions":"<=0.2.3","severity":"critical"},{"advisoryId":"WPSECADV/WF/9cb7bc91-b2e9-4ede-80cf-6b961ac6dcb9/wp-graphql","title":"WPGraphQL <= 0.2.3 - Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-05-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"9cb7bc91-b2e9-4ede-80cf-6b961ac6dcb9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9cb7bc91-b2e9-4ede-80cf-6b961ac6dcb9?source=api-prod","cve":"CVE-2019-9880","affectedVersions":"<=0.2.3","severity":"critical"},{"advisoryId":"WPSECADV/WF/af455697-59da-488e-82fe-bb0fad65a810/wp-graphql","title":"WPGraphQL <= 0.3.4 - Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-07-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"af455697-59da-488e-82fe-bb0fad65a810"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/af455697-59da-488e-82fe-bb0fad65a810?source=api-prod","cve":"CVE-2019-25060","affectedVersions":"<=0.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/dd22276b-41d4-4795-a79e-d770d0cf4b76/wp-graphql","title":"WPGraphQL <= 1.3.5 - Denial of Service\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-04-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"dd22276b-41d4-4795-a79e-d770d0cf4b76"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/dd22276b-41d4-4795-a79e-d770d0cf4b76?source=api-prod","cve":"CVE-2021-31157","affectedVersions":"<=1.3.5","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/1410ee86-90ec-4913-bc74-d8954d141d72/wp-graphql","title":"WPGraphQL < 2.11.1 - Unauthenticated SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"1410ee86-90ec-4913-bc74-d8954d141d72"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1410ee86-90ec-4913-bc74-d8954d141d72?source=api-prod","cve":"CVE-2026-40762","affectedVersions":"<2.11.1","severity":"high"},{"advisoryId":"WPSECADV/WF/2677128e-6da2-4c5e-a8ee-17c290d72c8a/wp-graphql","title":"WPGraphQL <= 2.9.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"2677128e-6da2-4c5e-a8ee-17c290d72c8a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2677128e-6da2-4c5e-a8ee-17c290d72c8a?source=api-prod","cve":"CVE-2026-33290","affectedVersions":"<=2.9.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/2be9815d-56c6-4574-9b4c-75fff40a148d/wp-graphql","title":"WPGraphQL <= 0.2.3 - Unauthenticated Comment Creation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-05-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"2be9815d-56c6-4574-9b4c-75fff40a148d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2be9815d-56c6-4574-9b4c-75fff40a148d?source=api-prod","cve":"CVE-2019-9881","affectedVersions":"<=0.2.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/38efd6d6-b931-41a7-b55d-b98cdeef4145/wp-graphql","title":"WPGraphQL <= 1.14.5 - Authenticated (Editor+) Server-Side Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-06-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"38efd6d6-b931-41a7-b55d-b98cdeef4145"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/38efd6d6-b931-41a7-b55d-b98cdeef4145?source=api-prod","cve":"CVE-2023-23684","affectedVersions":"<=1.14.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/80e74852-517e-4cd0-a7d3-6f6fe3433bff/wp-graphql","title":"WPGraphQL <= 0.2.3 - Administrative User Creation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-05-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"80e74852-517e-4cd0-a7d3-6f6fe3433bff"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/80e74852-517e-4cd0-a7d3-6f6fe3433bff?source=api-prod","cve":"CVE-2019-9879","affectedVersions":"<=0.2.3","severity":"critical"},{"advisoryId":"WPSECADV/WF/9cb7bc91-b2e9-4ede-80cf-6b961ac6dcb9/wp-graphql","title":"WPGraphQL <= 0.2.3 - Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-05-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"9cb7bc91-b2e9-4ede-80cf-6b961ac6dcb9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9cb7bc91-b2e9-4ede-80cf-6b961ac6dcb9?source=api-prod","cve":"CVE-2019-9880","affectedVersions":"<=0.2.3","severity":"critical"},{"advisoryId":"WPSECADV/WF/af455697-59da-488e-82fe-bb0fad65a810/wp-graphql","title":"WPGraphQL <= 0.3.4 - Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-07-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"af455697-59da-488e-82fe-bb0fad65a810"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/af455697-59da-488e-82fe-bb0fad65a810?source=api-prod","cve":"CVE-2019-25060","affectedVersions":"<=0.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/cc490eea-455d-46f1-bbb1-d57af8ab5e74/wp-graphql","title":"WPGraphQL <= 2.5.3 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"cc490eea-455d-46f1-bbb1-d57af8ab5e74"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cc490eea-455d-46f1-bbb1-d57af8ab5e74?source=api-prod","cve":"CVE-2025-68604","affectedVersions":"<=2.5.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/dd22276b-41d4-4795-a79e-d770d0cf4b76/wp-graphql","title":"WPGraphQL <= 1.3.5 - Denial of Service\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-04-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"dd22276b-41d4-4795-a79e-d770d0cf4b76"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/dd22276b-41d4-4795-a79e-d770d0cf4b76?source=api-prod","cve":"CVE-2021-31157","affectedVersions":"<=1.3.5","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_77702d7265636970652d6d616b6572811c9dc5_gen.json b/internal/data/assets/plugin_77702d7265636970652d6d616b6572811c9dc5_gen.json index ba6a4b35..bb28f9e3 100644 --- a/internal/data/assets/plugin_77702d7265636970652d6d616b6572811c9dc5_gen.json +++ b/internal/data/assets/plugin_77702d7265636970652d6d616b6572811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/085d06e1-31d3-4c01-8d8e-588c04b79ae3/wp-recipe-maker","title":"WP Recipe Maker <= 9.6.1 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'tooltip'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"085d06e1-31d3-4c01-8d8e-588c04b79ae3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/085d06e1-31d3-4c01-8d8e-588c04b79ae3?source=api-prod","cve":"CVE-2024-9650","affectedVersions":"<=9.6.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/0a1fa859-e06c-4ce2-9325-e0be01882a88/wp-recipe-maker","title":"WP Recipe Maker < 10.1.0 - Unauthenticated Arbitrary Shortcode Execution\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"0a1fa859-e06c-4ce2-9325-e0be01882a88"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0a1fa859-e06c-4ce2-9325-e0be01882a88?source=api-prod","cve":"CVE-2025-62897","affectedVersions":"<10.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/104b3c01-4623-43cb-aed4-16e3be62e1f9/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'group_tag'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"104b3c01-4623-43cb-aed4-16e3be62e1f9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/104b3c01-4623-43cb-aed4-16e3be62e1f9?source=api-prod","cve":"CVE-2024-0383","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/10c17e74-dced-483e-bcaf-00ff5b11059c/wp-recipe-maker","title":"WP Recipe Maker <= 10.2.3 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-24 21:09:18","sources":[{"name":"Wordfence","remoteId":"10c17e74-dced-483e-bcaf-00ff5b11059c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/10c17e74-dced-483e-bcaf-00ff5b11059c?source=api-prod","cve":"CVE-2025-14742","affectedVersions":"<=10.2.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/1f463ed1-06ad-430f-b450-1a73dc54f8a7/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via header_tag\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"1f463ed1-06ad-430f-b450-1a73dc54f8a7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1f463ed1-06ad-430f-b450-1a73dc54f8a7?source=api-prod","cve":"CVE-2024-0382","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/20842e95-4b91-4138-9e32-7c090724bf64/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.0 - Reflected Cross-Site Scripting via Referer\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"20842e95-4b91-4138-9e32-7c090724bf64"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/20842e95-4b91-4138-9e32-7c090724bf64?source=api-prod","cve":"CVE-2023-6970","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/457c4e56-c2a0-451f-a4a6-e7fb7bf7b0e0/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.0 - Directory Traversal\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"457c4e56-c2a0-451f-a4a6-e7fb7bf7b0e0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/457c4e56-c2a0-451f-a4a6-e7fb7bf7b0e0?source=api-prod","cve":"CVE-2024-0380","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/53a51408-e5d8-4727-9dec-8321c062c31e/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via icon_color\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"53a51408-e5d8-4727-9dec-8321c062c31e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/53a51408-e5d8-4727-9dec-8321c062c31e?source=api-prod","cve":"CVE-2024-0255","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/69cc7b6c-b6c2-4bba-afb4-86ba1b36b295/wp-recipe-maker","title":"WP Recipe Maker <= 9.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via wprm-recipe-roundup-item Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"69cc7b6c-b6c2-4bba-afb4-86ba1b36b295"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/69cc7b6c-b6c2-4bba-afb4-86ba1b36b295?source=api-prod","cve":"CVE-2024-3490","affectedVersions":"<=9.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/6c098b35-606e-4dde-8683-4c90f518ddb5/wp-recipe-maker","title":"WP Recipe Maker <= 9.2.1 - Authenticated Stored Cross-Site Scripting via Video Embed\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"6c098b35-606e-4dde-8683-4c90f518ddb5"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6c098b35-606e-4dde-8683-4c90f518ddb5?source=api-prod","cve":"CVE-2024-1571","affectedVersions":"<=9.2.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/749c5d09-1e9a-4aa1-b7c2-6f9d24f3a09b/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Recipe Notes\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"749c5d09-1e9a-4aa1-b7c2-6f9d24f3a09b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/749c5d09-1e9a-4aa1-b7c2-6f9d24f3a09b?source=api-prod","cve":"CVE-2024-0384","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/90a5589f-f0e9-4511-9c5e-0afcee0824d5/wp-recipe-maker","title":"WP Recipe Maker <= 10.3.2 - Insecure Direct Object Reference to Unauthenticated Arbitrary Post Metadata Modification via 'recipeId' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-26 15:59:49","sources":[{"name":"Wordfence","remoteId":"90a5589f-f0e9-4511-9c5e-0afcee0824d5"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/90a5589f-f0e9-4511-9c5e-0afcee0824d5?source=api-prod","cve":"CVE-2026-1558","affectedVersions":"<=10.3.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/96f77fdc-4e91-43c0-8bc6-7bb202945c7d/wp-recipe-maker","title":"WP Recipe Maker <= 10.2.2 - Insecure Direct Object Reference to Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-11 20:23:48","sources":[{"name":"Wordfence","remoteId":"96f77fdc-4e91-43c0-8bc6-7bb202945c7d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/96f77fdc-4e91-43c0-8bc6-7bb202945c7d?source=api-prod","cve":"CVE-2025-15527","affectedVersions":"<=10.2.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/a28e3f3b-6f8d-4745-bb56-a7c9e973a4ca/wp-recipe-maker","title":"Recipe Maker <= 10.2.4 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"a28e3f3b-6f8d-4745-bb56-a7c9e973a4ca"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a28e3f3b-6f8d-4745-bb56-a7c9e973a4ca?source=api-prod","cve":"CVE-2026-24357","affectedVersions":"<=10.2.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/a7c949f0-fcd1-4984-95a2-b19fb72f04bb/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'tag'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"a7c949f0-fcd1-4984-95a2-b19fb72f04bb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a7c949f0-fcd1-4984-95a2-b19fb72f04bb?source=api-prod","cve":"CVE-2024-0381","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/b10d8f8a-517f-4286-b501-0ca040529362/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.2 - Missing Authorization to Authenticated (Subscriber+) SQL Injecton\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"b10d8f8a-517f-4286-b501-0ca040529362"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b10d8f8a-517f-4286-b501-0ca040529362?source=api-prod","cve":"CVE-2024-1206","affectedVersions":"<=9.1.2","severity":"high"},{"advisoryId":"WPSECADV/WF/e23f63a0-3061-42e0-a6be-05fa20a174ea/wp-recipe-maker","title":"WP Recipe Maker <= 9.8.0 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"e23f63a0-3061-42e0-a6be-05fa20a174ea"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e23f63a0-3061-42e0-a6be-05fa20a174ea?source=api-prod","cve":"CVE-2025-1503","affectedVersions":"<=9.8.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/e6030712-ae4f-4cdb-a500-dff689947ff3/wp-recipe-maker","title":"WP Recipe Maker <= 10.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-16 15:58:59","sources":[{"name":"Wordfence","remoteId":"e6030712-ae4f-4cdb-a500-dff689947ff3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e6030712-ae4f-4cdb-a500-dff689947ff3?source=api-prod","cve":"CVE-2025-14385","affectedVersions":"<=10.2.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/ec201702-8c8c-4049-b647-422d18001b7f/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.0 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"ec201702-8c8c-4049-b647-422d18001b7f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ec201702-8c8c-4049-b647-422d18001b7f?source=api-prod","cve":"CVE-2023-6958","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/f75093a5-e0cc-4d3b-bdef-a65561127b3d/wp-recipe-maker","title":"WP Recipe Maker <= 8.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"f75093a5-e0cc-4d3b-bdef-a65561127b3d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f75093a5-e0cc-4d3b-bdef-a65561127b3d?source=api-prod","cve":"CVE-2022-4468","affectedVersions":"<=8.6.0","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/085d06e1-31d3-4c01-8d8e-588c04b79ae3/wp-recipe-maker","title":"WP Recipe Maker <= 9.6.1 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'tooltip'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"085d06e1-31d3-4c01-8d8e-588c04b79ae3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/085d06e1-31d3-4c01-8d8e-588c04b79ae3?source=api-prod","cve":"CVE-2024-9650","affectedVersions":"<=9.6.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/0a1fa859-e06c-4ce2-9325-e0be01882a88/wp-recipe-maker","title":"WP Recipe Maker < 10.1.0 - Unauthenticated Arbitrary Shortcode Execution\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"0a1fa859-e06c-4ce2-9325-e0be01882a88"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0a1fa859-e06c-4ce2-9325-e0be01882a88?source=api-prod","cve":"CVE-2025-62897","affectedVersions":"<10.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/104b3c01-4623-43cb-aed4-16e3be62e1f9/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'group_tag'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"104b3c01-4623-43cb-aed4-16e3be62e1f9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/104b3c01-4623-43cb-aed4-16e3be62e1f9?source=api-prod","cve":"CVE-2024-0383","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/10c17e74-dced-483e-bcaf-00ff5b11059c/wp-recipe-maker","title":"WP Recipe Maker <= 10.2.4 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-24 21:09:18","sources":[{"name":"Wordfence","remoteId":"10c17e74-dced-483e-bcaf-00ff5b11059c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/10c17e74-dced-483e-bcaf-00ff5b11059c?source=api-prod","cve":"CVE-2025-14742","affectedVersions":"<=10.2.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/1f463ed1-06ad-430f-b450-1a73dc54f8a7/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via header_tag\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"1f463ed1-06ad-430f-b450-1a73dc54f8a7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1f463ed1-06ad-430f-b450-1a73dc54f8a7?source=api-prod","cve":"CVE-2024-0382","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/20842e95-4b91-4138-9e32-7c090724bf64/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.0 - Reflected Cross-Site Scripting via Referer\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"20842e95-4b91-4138-9e32-7c090724bf64"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/20842e95-4b91-4138-9e32-7c090724bf64?source=api-prod","cve":"CVE-2023-6970","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/457c4e56-c2a0-451f-a4a6-e7fb7bf7b0e0/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.0 - Directory Traversal\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"457c4e56-c2a0-451f-a4a6-e7fb7bf7b0e0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/457c4e56-c2a0-451f-a4a6-e7fb7bf7b0e0?source=api-prod","cve":"CVE-2024-0380","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/53a51408-e5d8-4727-9dec-8321c062c31e/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via icon_color\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"53a51408-e5d8-4727-9dec-8321c062c31e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/53a51408-e5d8-4727-9dec-8321c062c31e?source=api-prod","cve":"CVE-2024-0255","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/69cc7b6c-b6c2-4bba-afb4-86ba1b36b295/wp-recipe-maker","title":"WP Recipe Maker <= 9.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via wprm-recipe-roundup-item Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"69cc7b6c-b6c2-4bba-afb4-86ba1b36b295"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/69cc7b6c-b6c2-4bba-afb4-86ba1b36b295?source=api-prod","cve":"CVE-2024-3490","affectedVersions":"<=9.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/6c098b35-606e-4dde-8683-4c90f518ddb5/wp-recipe-maker","title":"WP Recipe Maker <= 9.2.1 - Authenticated Stored Cross-Site Scripting via Video Embed\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"6c098b35-606e-4dde-8683-4c90f518ddb5"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6c098b35-606e-4dde-8683-4c90f518ddb5?source=api-prod","cve":"CVE-2024-1571","affectedVersions":"<=9.2.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/749c5d09-1e9a-4aa1-b7c2-6f9d24f3a09b/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Recipe Notes\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"749c5d09-1e9a-4aa1-b7c2-6f9d24f3a09b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/749c5d09-1e9a-4aa1-b7c2-6f9d24f3a09b?source=api-prod","cve":"CVE-2024-0384","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/90a5589f-f0e9-4511-9c5e-0afcee0824d5/wp-recipe-maker","title":"WP Recipe Maker <= 10.3.2 - Insecure Direct Object Reference to Unauthenticated Arbitrary Post Metadata Modification via 'recipeId' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-26 15:59:49","sources":[{"name":"Wordfence","remoteId":"90a5589f-f0e9-4511-9c5e-0afcee0824d5"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/90a5589f-f0e9-4511-9c5e-0afcee0824d5?source=api-prod","cve":"CVE-2026-1558","affectedVersions":"<=10.3.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/96f77fdc-4e91-43c0-8bc6-7bb202945c7d/wp-recipe-maker","title":"WP Recipe Maker <= 10.2.2 - Insecure Direct Object Reference to Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-11 20:23:48","sources":[{"name":"Wordfence","remoteId":"96f77fdc-4e91-43c0-8bc6-7bb202945c7d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/96f77fdc-4e91-43c0-8bc6-7bb202945c7d?source=api-prod","cve":"CVE-2025-15527","affectedVersions":"<=10.2.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/a28e3f3b-6f8d-4745-bb56-a7c9e973a4ca/wp-recipe-maker","title":"Recipe Maker <= 10.2.4 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"a28e3f3b-6f8d-4745-bb56-a7c9e973a4ca"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a28e3f3b-6f8d-4745-bb56-a7c9e973a4ca?source=api-prod","cve":"CVE-2026-24357","affectedVersions":"<=10.2.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/a7c949f0-fcd1-4984-95a2-b19fb72f04bb/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'tag'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"a7c949f0-fcd1-4984-95a2-b19fb72f04bb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a7c949f0-fcd1-4984-95a2-b19fb72f04bb?source=api-prod","cve":"CVE-2024-0381","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/b10d8f8a-517f-4286-b501-0ca040529362/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.2 - Missing Authorization to Authenticated (Subscriber+) SQL Injecton\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"b10d8f8a-517f-4286-b501-0ca040529362"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b10d8f8a-517f-4286-b501-0ca040529362?source=api-prod","cve":"CVE-2024-1206","affectedVersions":"<=9.1.2","severity":"high"},{"advisoryId":"WPSECADV/WF/e23f63a0-3061-42e0-a6be-05fa20a174ea/wp-recipe-maker","title":"WP Recipe Maker <= 9.8.0 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"e23f63a0-3061-42e0-a6be-05fa20a174ea"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e23f63a0-3061-42e0-a6be-05fa20a174ea?source=api-prod","cve":"CVE-2025-1503","affectedVersions":"<=9.8.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/e6030712-ae4f-4cdb-a500-dff689947ff3/wp-recipe-maker","title":"WP Recipe Maker <= 10.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-16 15:58:59","sources":[{"name":"Wordfence","remoteId":"e6030712-ae4f-4cdb-a500-dff689947ff3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e6030712-ae4f-4cdb-a500-dff689947ff3?source=api-prod","cve":"CVE-2025-14385","affectedVersions":"<=10.2.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/ec201702-8c8c-4049-b647-422d18001b7f/wp-recipe-maker","title":"WP Recipe Maker <= 9.1.0 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"ec201702-8c8c-4049-b647-422d18001b7f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ec201702-8c8c-4049-b647-422d18001b7f?source=api-prod","cve":"CVE-2023-6958","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/f75093a5-e0cc-4d3b-bdef-a65561127b3d/wp-recipe-maker","title":"WP Recipe Maker <= 8.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"f75093a5-e0cc-4d3b-bdef-a65561127b3d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f75093a5-e0cc-4d3b-bdef-a65561127b3d?source=api-prod","cve":"CVE-2022-4468","affectedVersions":"<=8.6.0","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_77702d73656f2d737472756374757265642d646174612d736368656d61811c9dc5_gen.json b/internal/data/assets/plugin_77702d73656f2d737472756374757265642d646174612d736368656d61811c9dc5_gen.json index 0815d883..ae13784e 100644 --- a/internal/data/assets/plugin_77702d73656f2d737472756374757265642d646174612d736368656d61811c9dc5_gen.json +++ b/internal/data/assets/plugin_77702d73656f2d737472756374757265642d646174612d736368656d61811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/24f6c4e4-11c3-476f-9f50-42053b625ab8/wp-seo-structured-data-schema","title":"WP SEO Structured Data Schema <= 2.7.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Plugin Settings\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-07 17:42:22","sources":[{"name":"Wordfence","remoteId":"24f6c4e4-11c3-476f-9f50-42053b625ab8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/24f6c4e4-11c3-476f-9f50-42053b625ab8?source=api-prod","cve":"CVE-2025-4127","affectedVersions":"<=2.7.11","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/24f6c4e4-11c3-476f-9f50-42053b625ab8/wp-seo-structured-data-schema","title":"WP SEO Structured Data Schema <= 2.7.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Plugin Settings\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-07 17:42:22","sources":[{"name":"Wordfence","remoteId":"24f6c4e4-11c3-476f-9f50-42053b625ab8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/24f6c4e4-11c3-476f-9f50-42053b625ab8?source=api-prod","cve":"CVE-2025-4127","affectedVersions":"<=2.7.11","severity":"medium"},{"advisoryId":"WPSECADV/WF/315fbc93-5af3-4fe9-b97a-a09957e54c97/wp-seo-structured-data-schema","title":"WP SEO Structured Data Schema <= 2.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via '_kcseo_ative_tab' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-11 19:10:33","sources":[{"name":"Wordfence","remoteId":"315fbc93-5af3-4fe9-b97a-a09957e54c97"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/315fbc93-5af3-4fe9-b97a-a09957e54c97?source=api-prod","cve":"CVE-2026-3604","affectedVersions":"<=2.8.1","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_7770666f726f811c9dc5_gen.json b/internal/data/assets/plugin_7770666f726f811c9dc5_gen.json index 443974a0..9db757c0 100644 --- a/internal/data/assets/plugin_7770666f726f811c9dc5_gen.json +++ b/internal/data/assets/plugin_7770666f726f811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/01f4318f-b56b-4a34-987b-05edeee5da69/wpforo","title":"wpForo Forum <= 2.2.3 - Unauthenticated Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"01f4318f-b56b-4a34-987b-05edeee5da69"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/01f4318f-b56b-4a34-987b-05edeee5da69?source=api-prod","cve":"CVE-2023-47868","affectedVersions":"<=2.2.3","severity":"critical"},{"advisoryId":"WPSECADV/WF/049ffab1-677d-4112-9f1d-092ee01299f1/wpforo","title":"wpForo Forum <= 2.4.16 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Forum Post Modification via 'guestposting' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-16 14:05:14","sources":[{"name":"Wordfence","remoteId":"049ffab1-677d-4112-9f1d-092ee01299f1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/049ffab1-677d-4112-9f1d-092ee01299f1?source=api-prod","cve":"CVE-2026-4666","affectedVersions":"<=2.4.16","severity":"medium"},{"advisoryId":"WPSECADV/WF/05b15f33-0f95-458f-8c21-16c0dd98c8bc/wpforo","title":"wpForo Forum <= 2.4.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Profile Avatar\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-09 12:30:57","sources":[{"name":"Wordfence","remoteId":"05b15f33-0f95-458f-8c21-16c0dd98c8bc"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/05b15f33-0f95-458f-8c21-16c0dd98c8bc?source=api-prod","cve":"CVE-2025-4406","affectedVersions":"<=2.4.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/07c01ab7-8bf8-4aa5-b5e6-8e47a3bf1f7c/wpforo","title":"wpForo Forum <= 2.0.9 - Authenticated (Subscriber+) Arbitrary File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"07c01ab7-8bf8-4aa5-b5e6-8e47a3bf1f7c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/07c01ab7-8bf8-4aa5-b5e6-8e47a3bf1f7c?source=api-prod","cve":"CVE-2022-40200","affectedVersions":"<=2.0.9","severity":"high"},{"advisoryId":"WPSECADV/WF/0e46ac8d-89ee-4480-bb96-83f2044a4323/wpforo","title":"wpForo Forum <= 3.0.2 - Authenticated (Subscriber+) Arbitrary File Deletion via 'data[body][fileurl]' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-10 18:51:03","sources":[{"name":"Wordfence","remoteId":"0e46ac8d-89ee-4480-bb96-83f2044a4323"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0e46ac8d-89ee-4480-bb96-83f2044a4323?source=api-prod","cve":"CVE-2026-5809","affectedVersions":"<=3.0.2","severity":"high"},{"advisoryId":"WPSECADV/WF/15967a0f-2512-4418-b503-b9d53032d40f/wpforo","title":"wpForo Forum <= 1.6.5 - Cross-Site Scripting via langid parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-05-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"15967a0f-2512-4418-b503-b9d53032d40f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/15967a0f-2512-4418-b503-b9d53032d40f?source=api-prod","cve":"CVE-2019-19111","affectedVersions":"<=1.6.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/2ce1a40f-1489-42be-963e-052274a56e47/wpforo","title":"wpForo Forum <= 2.0.5 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-09-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"2ce1a40f-1489-42be-963e-052274a56e47"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2ce1a40f-1489-42be-963e-052274a56e47?source=api-prod","cve":"CVE-2022-38144","affectedVersions":"<=2.0.5","severity":"high"},{"advisoryId":"WPSECADV/WF/3155f8ba-b50e-490c-81bd-4a63142f164b/wpforo","title":"wpForo Forum < 1.4.12 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2018-06-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"3155f8ba-b50e-490c-81bd-4a63142f164b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3155f8ba-b50e-490c-81bd-4a63142f164b?source=api-prod","cve":"CVE-2018-11709","affectedVersions":"<1.4.12","severity":"medium"},{"advisoryId":"WPSECADV/WF/35b6a26a-d7c1-4538-87f3-fcb1095797a3/wpforo","title":"wpForo Forum <= 2.1.8 - Reflected Cross-Site Scripting via 'wpforo_debug'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"35b6a26a-d7c1-4538-87f3-fcb1095797a3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/35b6a26a-d7c1-4538-87f3-fcb1095797a3?source=api-prod","cve":"CVE-2023-2309","affectedVersions":"<=2.1.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/3bce40ee-c378-4a44-9c5d-d83151975309/wpforo","title":"wpForo Forum <= 2.2.8 - Cross-Site Request Forgery via logout()\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"3bce40ee-c378-4a44-9c5d-d83151975309"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3bce40ee-c378-4a44-9c5d-d83151975309?source=api-prod","cve":"CVE-2023-47870","affectedVersions":"<=2.2.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/3bee82d8-d019-450b-b532-5b3e2e3aff6f/wpforo","title":"wpForo Forum <= 1.6.5 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-05-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"3bee82d8-d019-450b-b532-5b3e2e3aff6f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3bee82d8-d019-450b-b532-5b3e2e3aff6f?source=api-prod","cve":"CVE-2019-19109","affectedVersions":"<=1.6.5","severity":"high"},{"advisoryId":"WPSECADV/WF/3c833223-c8c9-413f-9d72-6fb13101459b/wpforo","title":"wpForo Forum <= 2.4.13 - Authenticated (Subscriber+) PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"3c833223-c8c9-413f-9d72-6fb13101459b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3c833223-c8c9-413f-9d72-6fb13101459b?source=api-prod","cve":"CVE-2026-0910","affectedVersions":"<=2.4.13","severity":"high"},{"advisoryId":"WPSECADV/WF/44ba3eee-525e-46ba-ae02-6f7a28f80c50/wpforo","title":"wpForo < = 1.5.1 - Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2018-09-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"44ba3eee-525e-46ba-ae02-6f7a28f80c50"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/44ba3eee-525e-46ba-ae02-6f7a28f80c50?source=api-prod","cve":"CVE-2018-16613","affectedVersions":"<=1.5.1","severity":"critical"},{"advisoryId":"WPSECADV/WF/4bb046c1-a0dd-4d2f-952f-953c5be0a7a2/wpforo","title":"wpForo Forum < 3.0.2 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"4bb046c1-a0dd-4d2f-952f-953c5be0a7a2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4bb046c1-a0dd-4d2f-952f-953c5be0a7a2?source=api-prod","cve":"CVE-2026-40767","affectedVersions":"<3.0.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/4c447dbb-f8fb-4b46-9c47-20ab7330bbaa/wpforo","title":"wpForo Forum <= 2.4.14 - Unauthenticated Time-Based SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"4c447dbb-f8fb-4b46-9c47-20ab7330bbaa"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4c447dbb-f8fb-4b46-9c47-20ab7330bbaa?source=api-prod","cve":"CVE-2026-1581","affectedVersions":"<=2.4.14","severity":"high"},{"advisoryId":"WPSECADV/WF/5607a60e-a04a-4d28-bb04-bdacf8e97c56/wpforo","title":"wpForo Forum <= 2.2.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"5607a60e-a04a-4d28-bb04-bdacf8e97c56"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5607a60e-a04a-4d28-bb04-bdacf8e97c56?source=api-prod","cve":"CVE-2023-47872","affectedVersions":"<=2.2.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/71078aaf-9803-4b46-bc94-dbcb43745629/wpforo","title":"wpForo Forum <= 2.2.5 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"71078aaf-9803-4b46-bc94-dbcb43745629"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/71078aaf-9803-4b46-bc94-dbcb43745629?source=api-prod","cve":"CVE-2023-47869","affectedVersions":"<=2.2.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/79cc102a-6777-41be-a395-8c2eeb6deb73/wpforo","title":"wpForo Forum <= 3.0.5 - Authenticated (Subscriber+) Arbitrary File Deletion via Custom Profile Field File Path\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-20 05:51:32","sources":[{"name":"Wordfence","remoteId":"79cc102a-6777-41be-a395-8c2eeb6deb73"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/79cc102a-6777-41be-a395-8c2eeb6deb73?source=api-prod","cve":"CVE-2026-6248","affectedVersions":"<=3.0.5","severity":"high"},{"advisoryId":"WPSECADV/WF/800fa098-b29f-4979-b7bd-b1186a4dafcb/wpforo","title":"wpForo Forum <= 2.1.7 - Authenticated (Subscriber+) Local File Include, Server-Side Request Forgery, and PHAR Deserialization via file_get_contents\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-06-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"800fa098-b29f-4979-b7bd-b1186a4dafcb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/800fa098-b29f-4979-b7bd-b1186a4dafcb?source=api-prod","cve":"CVE-2023-2249","affectedVersions":"<=2.1.7","severity":"high"},{"advisoryId":"WPSECADV/WF/83cb1333-3c74-426d-9838-a5cb90be29b2/wpforo","title":"wpForo Forum <= 2.0.9 - Authenticated (Subscriber+) HTML Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"83cb1333-3c74-426d-9838-a5cb90be29b2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/83cb1333-3c74-426d-9838-a5cb90be29b2?source=api-prod","cve":"CVE-2022-38055","affectedVersions":"<=2.0.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/89a6aab0-e85b-4604-b911-03a01c5cca13/wpforo","title":"wpForo Forum <= 1.6.5 - Cross-Site Scripting via wpf-dw-td-value class\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-05-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"89a6aab0-e85b-4604-b911-03a01c5cca13"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/89a6aab0-e85b-4604-b911-03a01c5cca13?source=api-prod","cve":"CVE-2019-19112","affectedVersions":"<=1.6.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/8cd8ffcb-0a24-4e0a-a9f9-23501742715f/wpforo","title":"wpForo Forum <= 2.4.1 - Authenticated (Subscriber+) Arbitrary File Read in update\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-02-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"8cd8ffcb-0a24-4e0a-a9f9-23501742715f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8cd8ffcb-0a24-4e0a-a9f9-23501742715f?source=api-prod","cve":"CVE-2025-0764","affectedVersions":"<=2.4.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/99650c4d-d8ef-4970-af65-b22b7fdf3543/wpforo","title":"wpForo Forum <= 2.3.4 - Unauthenticated Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"99650c4d-d8ef-4970-af65-b22b7fdf3543"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/99650c4d-d8ef-4970-af65-b22b7fdf3543?source=api-prod","cve":"CVE-2024-43289","affectedVersions":"<=2.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/9cac5c66-d366-4a67-b29b-4efed67ab55b/wpforo","title":"wpForo Forum <= 2.3.4 - Authenticated (Subscriber+) Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"9cac5c66-d366-4a67-b29b-4efed67ab55b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9cac5c66-d366-4a67-b29b-4efed67ab55b?source=api-prod","cve":"CVE-2024-43288","affectedVersions":"<=2.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/a313f4d0-fd9e-47f1-99eb-351a2aff9bea/wpforo","title":"wpForo Forum <= 2.0.5 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-09-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"a313f4d0-fd9e-47f1-99eb-351a2aff9bea"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a313f4d0-fd9e-47f1-99eb-351a2aff9bea?source=api-prod","cve":"CVE-2022-40632","affectedVersions":"<=2.0.5","severity":"high"},{"advisoryId":"WPSECADV/WF/a82769ae-84b2-45e3-a637-c98e0c0e77a9/wpforo","title":"wpForo Forum <= 2.4.3 - Authenticated (Subscriber+) Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"a82769ae-84b2-45e3-a637-c98e0c0e77a9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a82769ae-84b2-45e3-a637-c98e0c0e77a9?source=api-prod","cve":"CVE-2025-31420","affectedVersions":"<=2.4.3","severity":"high"},{"advisoryId":"WPSECADV/WF/aa1eaac2-a23b-4ef6-803a-15f7ec7e5728/wpforo","title":"wpForo Forum <= 2.4.9 - Authenticated (Susbscriber+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-31 00:00:00","sources":[{"name":"Wordfence","remoteId":"aa1eaac2-a23b-4ef6-803a-15f7ec7e5728"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/aa1eaac2-a23b-4ef6-803a-15f7ec7e5728?source=api-prod","cve":"CVE-2025-11740","affectedVersions":"<=2.4.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/aa830c67-2860-489f-aa67-c7cc74437709/wpforo","title":"wpForo Forum <= 2.4.6 - Authenticated (Subscriber+) Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"aa830c67-2860-489f-aa67-c7cc74437709"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/aa830c67-2860-489f-aa67-c7cc74437709?source=api-prod","cve":"CVE-2025-58597","affectedVersions":"<=2.4.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/b3c65619-e96c-47e1-b42a-a85d0b5237d9/wpforo","title":"wpForo Forum <= 1.6.5 - Cross-Site Scripting via s parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-05-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"b3c65619-e96c-47e1-b42a-a85d0b5237d9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b3c65619-e96c-47e1-b42a-a85d0b5237d9?source=api-prod","cve":"CVE-2019-19110","affectedVersions":"<=1.6.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/bc406e8a-c4eb-45c3-a53c-37644e0dabfa/wpforo","title":"wpForo Forum <= 2.4.8 - Unauthenticated SQL Injection via get_members Function\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"bc406e8a-c4eb-45c3-a53c-37644e0dabfa"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bc406e8a-c4eb-45c3-a53c-37644e0dabfa?source=api-prod","cve":"CVE-2025-4203","affectedVersions":"<=2.4.8","severity":"high"},{"advisoryId":"WPSECADV/WF/ca46ea28-3115-4db1-8aeb-cbef731b0376/wpforo","title":"wpForo Forum <= 2.0.9 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"ca46ea28-3115-4db1-8aeb-cbef731b0376"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ca46ea28-3115-4db1-8aeb-cbef731b0376?source=api-prod","cve":"CVE-2022-40192","affectedVersions":"<=2.0.9","severity":"high"},{"advisoryId":"WPSECADV/WF/e35be8ee-81a3-42ce-8304-992bc75663fd/wpforo","title":"wpForo Forum <= 2.0.5 - Insecure Direct Object Reference to Forum Privacy Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-26 09:52:00","sources":[{"name":"Wordfence","remoteId":"e35be8ee-81a3-42ce-8304-992bc75663fd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e35be8ee-81a3-42ce-8304-992bc75663fd?source=api-prod","cve":"CVE-2022-40206","affectedVersions":"<=2.0.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/ebf84c6a-fd6c-4113-91ff-27c7564cabdb/wpforo","title":"wpForo Forum <= 1.9.6 - Open Redirect\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-06-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"ebf84c6a-fd6c-4113-91ff-27c7564cabdb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ebf84c6a-fd6c-4113-91ff-27c7564cabdb?source=api-prod","cve":"CVE-2021-24406","affectedVersions":"<=1.9.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/ee78642c-ad2a-4012-94e8-e01f71863791/wpforo","title":"wpForo Forum <= 2.0.5 - Insecure Direct Object Reference to Forum Status Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-09-26 09:03:00","sources":[{"name":"Wordfence","remoteId":"ee78642c-ad2a-4012-94e8-e01f71863791"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ee78642c-ad2a-4012-94e8-e01f71863791?source=api-prod","cve":"CVE-2022-40205","affectedVersions":"<=2.0.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/f215e320-8563-4d25-9963-ed3664b4901d/wpforo","title":"wpForo Forum <= 2.4.16 - Authenticated (Subscriber+) Arbitrary File Deletion via Post Body\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-03 22:11:24","sources":[{"name":"Wordfence","remoteId":"f215e320-8563-4d25-9963-ed3664b4901d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f215e320-8563-4d25-9963-ed3664b4901d?source=api-prod","cve":"CVE-2026-3666","affectedVersions":"<=2.4.16","severity":"high"},{"advisoryId":"WPSECADV/WF/f53700f8-9a9e-449c-8f7f-38724d74bd49/wpforo","title":"wpForo Forum <= 2.4.10 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"f53700f8-9a9e-449c-8f7f-38724d74bd49"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f53700f8-9a9e-449c-8f7f-38724d74bd49?source=api-prod","cve":"CVE-2025-66070","affectedVersions":"<=2.4.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/f54cdad2-88db-4604-8064-fa6175176760/wpforo","title":"wpForo Forum <= 2.3.3 - Authenticated (Contributor+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-31 19:39:04","sources":[{"name":"Wordfence","remoteId":"f54cdad2-88db-4604-8064-fa6175176760"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f54cdad2-88db-4604-8064-fa6175176760?source=api-prod","cve":"CVE-2024-3200","affectedVersions":"<=2.3.3","severity":"critical"},{"advisoryId":"WPSECADV/WF/fd1704ef-e259-40a3-974b-128145bc8a4a/wpforo","title":"wpForo Forum <= 2.4.12 - Unauthenticated SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-13 16:20:06","sources":[{"name":"Wordfence","remoteId":"fd1704ef-e259-40a3-974b-128145bc8a4a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fd1704ef-e259-40a3-974b-128145bc8a4a?source=api-prod","cve":"CVE-2025-13126","affectedVersions":"<=2.4.12","severity":"high"},{"advisoryId":"WPSECADV/WF/fea6ddd5-f168-471c-99eb-efc46d1bfeb9/wpforo","title":"wpForo Forum <= 1.4.12 - SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2018-05-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"fea6ddd5-f168-471c-99eb-efc46d1bfeb9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fea6ddd5-f168-471c-99eb-efc46d1bfeb9?source=api-prod","cve":"CVE-2018-11515","affectedVersions":"<=1.4.12","severity":"critical"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/01f4318f-b56b-4a34-987b-05edeee5da69/wpforo","title":"wpForo Forum <= 2.2.3 - Unauthenticated Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"01f4318f-b56b-4a34-987b-05edeee5da69"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/01f4318f-b56b-4a34-987b-05edeee5da69?source=api-prod","cve":"CVE-2023-47868","affectedVersions":"<=2.2.3","severity":"critical"},{"advisoryId":"WPSECADV/WF/049ffab1-677d-4112-9f1d-092ee01299f1/wpforo","title":"wpForo Forum <= 2.4.16 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Forum Post Modification via 'guestposting' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-16 14:05:14","sources":[{"name":"Wordfence","remoteId":"049ffab1-677d-4112-9f1d-092ee01299f1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/049ffab1-677d-4112-9f1d-092ee01299f1?source=api-prod","cve":"CVE-2026-4666","affectedVersions":"<=2.4.16","severity":"medium"},{"advisoryId":"WPSECADV/WF/05b15f33-0f95-458f-8c21-16c0dd98c8bc/wpforo","title":"wpForo Forum <= 2.4.5 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Profile Avatar\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-09 12:30:57","sources":[{"name":"Wordfence","remoteId":"05b15f33-0f95-458f-8c21-16c0dd98c8bc"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/05b15f33-0f95-458f-8c21-16c0dd98c8bc?source=api-prod","cve":"CVE-2025-4406","affectedVersions":"<=2.4.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/07c01ab7-8bf8-4aa5-b5e6-8e47a3bf1f7c/wpforo","title":"wpForo Forum <= 2.0.9 - Authenticated (Subscriber+) Arbitrary File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"07c01ab7-8bf8-4aa5-b5e6-8e47a3bf1f7c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/07c01ab7-8bf8-4aa5-b5e6-8e47a3bf1f7c?source=api-prod","cve":"CVE-2022-40200","affectedVersions":"<=2.0.9","severity":"high"},{"advisoryId":"WPSECADV/WF/0e46ac8d-89ee-4480-bb96-83f2044a4323/wpforo","title":"wpForo Forum <= 3.0.2 - Authenticated (Subscriber+) Arbitrary File Deletion via 'data[body][fileurl]' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-10 18:51:03","sources":[{"name":"Wordfence","remoteId":"0e46ac8d-89ee-4480-bb96-83f2044a4323"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0e46ac8d-89ee-4480-bb96-83f2044a4323?source=api-prod","cve":"CVE-2026-5809","affectedVersions":"<=3.0.2","severity":"high"},{"advisoryId":"WPSECADV/WF/15967a0f-2512-4418-b503-b9d53032d40f/wpforo","title":"wpForo Forum <= 1.6.5 - Cross-Site Scripting via langid parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-05-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"15967a0f-2512-4418-b503-b9d53032d40f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/15967a0f-2512-4418-b503-b9d53032d40f?source=api-prod","cve":"CVE-2019-19111","affectedVersions":"<=1.6.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/2ce1a40f-1489-42be-963e-052274a56e47/wpforo","title":"wpForo Forum <= 2.0.5 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-09-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"2ce1a40f-1489-42be-963e-052274a56e47"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2ce1a40f-1489-42be-963e-052274a56e47?source=api-prod","cve":"CVE-2022-38144","affectedVersions":"<=2.0.5","severity":"high"},{"advisoryId":"WPSECADV/WF/3155f8ba-b50e-490c-81bd-4a63142f164b/wpforo","title":"wpForo Forum < 1.4.12 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2018-06-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"3155f8ba-b50e-490c-81bd-4a63142f164b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3155f8ba-b50e-490c-81bd-4a63142f164b?source=api-prod","cve":"CVE-2018-11709","affectedVersions":"<1.4.12","severity":"medium"},{"advisoryId":"WPSECADV/WF/35b6a26a-d7c1-4538-87f3-fcb1095797a3/wpforo","title":"wpForo Forum <= 2.1.8 - Reflected Cross-Site Scripting via 'wpforo_debug'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"35b6a26a-d7c1-4538-87f3-fcb1095797a3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/35b6a26a-d7c1-4538-87f3-fcb1095797a3?source=api-prod","cve":"CVE-2023-2309","affectedVersions":"<=2.1.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/3bce40ee-c378-4a44-9c5d-d83151975309/wpforo","title":"wpForo Forum <= 2.2.8 - Cross-Site Request Forgery via logout()\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"3bce40ee-c378-4a44-9c5d-d83151975309"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3bce40ee-c378-4a44-9c5d-d83151975309?source=api-prod","cve":"CVE-2023-47870","affectedVersions":"<=2.2.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/3bee82d8-d019-450b-b532-5b3e2e3aff6f/wpforo","title":"wpForo Forum <= 1.6.5 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-05-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"3bee82d8-d019-450b-b532-5b3e2e3aff6f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3bee82d8-d019-450b-b532-5b3e2e3aff6f?source=api-prod","cve":"CVE-2019-19109","affectedVersions":"<=1.6.5","severity":"high"},{"advisoryId":"WPSECADV/WF/3c833223-c8c9-413f-9d72-6fb13101459b/wpforo","title":"wpForo Forum <= 2.4.13 - Authenticated (Subscriber+) PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"3c833223-c8c9-413f-9d72-6fb13101459b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3c833223-c8c9-413f-9d72-6fb13101459b?source=api-prod","cve":"CVE-2026-0910","affectedVersions":"<=2.4.13","severity":"high"},{"advisoryId":"WPSECADV/WF/44ba3eee-525e-46ba-ae02-6f7a28f80c50/wpforo","title":"wpForo < = 1.5.1 - Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2018-09-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"44ba3eee-525e-46ba-ae02-6f7a28f80c50"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/44ba3eee-525e-46ba-ae02-6f7a28f80c50?source=api-prod","cve":"CVE-2018-16613","affectedVersions":"<=1.5.1","severity":"critical"},{"advisoryId":"WPSECADV/WF/4bb046c1-a0dd-4d2f-952f-953c5be0a7a2/wpforo","title":"wpForo Forum < 3.0.2 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"4bb046c1-a0dd-4d2f-952f-953c5be0a7a2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4bb046c1-a0dd-4d2f-952f-953c5be0a7a2?source=api-prod","cve":"CVE-2026-40767","affectedVersions":"<3.0.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/4c447dbb-f8fb-4b46-9c47-20ab7330bbaa/wpforo","title":"wpForo Forum <= 2.4.14 - Unauthenticated Time-Based SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"4c447dbb-f8fb-4b46-9c47-20ab7330bbaa"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4c447dbb-f8fb-4b46-9c47-20ab7330bbaa?source=api-prod","cve":"CVE-2026-1581","affectedVersions":"<=2.4.14","severity":"high"},{"advisoryId":"WPSECADV/WF/5607a60e-a04a-4d28-bb04-bdacf8e97c56/wpforo","title":"wpForo Forum <= 2.2.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"5607a60e-a04a-4d28-bb04-bdacf8e97c56"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5607a60e-a04a-4d28-bb04-bdacf8e97c56?source=api-prod","cve":"CVE-2023-47872","affectedVersions":"<=2.2.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/71078aaf-9803-4b46-bc94-dbcb43745629/wpforo","title":"wpForo Forum <= 2.2.5 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"71078aaf-9803-4b46-bc94-dbcb43745629"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/71078aaf-9803-4b46-bc94-dbcb43745629?source=api-prod","cve":"CVE-2023-47869","affectedVersions":"<=2.2.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/79cc102a-6777-41be-a395-8c2eeb6deb73/wpforo","title":"wpForo Forum <= 3.0.5 - Authenticated (Subscriber+) Arbitrary File Deletion via Custom Profile Field File Path\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-20 05:51:32","sources":[{"name":"Wordfence","remoteId":"79cc102a-6777-41be-a395-8c2eeb6deb73"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/79cc102a-6777-41be-a395-8c2eeb6deb73?source=api-prod","cve":"CVE-2026-6248","affectedVersions":"<=3.0.5","severity":"high"},{"advisoryId":"WPSECADV/WF/800fa098-b29f-4979-b7bd-b1186a4dafcb/wpforo","title":"wpForo Forum <= 2.1.7 - Authenticated (Subscriber+) Local File Include, Server-Side Request Forgery, and PHAR Deserialization via file_get_contents\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-06-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"800fa098-b29f-4979-b7bd-b1186a4dafcb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/800fa098-b29f-4979-b7bd-b1186a4dafcb?source=api-prod","cve":"CVE-2023-2249","affectedVersions":"<=2.1.7","severity":"high"},{"advisoryId":"WPSECADV/WF/83cb1333-3c74-426d-9838-a5cb90be29b2/wpforo","title":"wpForo Forum <= 2.0.9 - Authenticated (Subscriber+) HTML Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"83cb1333-3c74-426d-9838-a5cb90be29b2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/83cb1333-3c74-426d-9838-a5cb90be29b2?source=api-prod","cve":"CVE-2022-38055","affectedVersions":"<=2.0.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/89a6aab0-e85b-4604-b911-03a01c5cca13/wpforo","title":"wpForo Forum <= 1.6.5 - Cross-Site Scripting via wpf-dw-td-value class\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-05-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"89a6aab0-e85b-4604-b911-03a01c5cca13"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/89a6aab0-e85b-4604-b911-03a01c5cca13?source=api-prod","cve":"CVE-2019-19112","affectedVersions":"<=1.6.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/8cd8ffcb-0a24-4e0a-a9f9-23501742715f/wpforo","title":"wpForo Forum <= 2.4.1 - Authenticated (Subscriber+) Arbitrary File Read in update\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-02-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"8cd8ffcb-0a24-4e0a-a9f9-23501742715f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8cd8ffcb-0a24-4e0a-a9f9-23501742715f?source=api-prod","cve":"CVE-2025-0764","affectedVersions":"<=2.4.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/99650c4d-d8ef-4970-af65-b22b7fdf3543/wpforo","title":"wpForo Forum <= 2.3.4 - Unauthenticated Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"99650c4d-d8ef-4970-af65-b22b7fdf3543"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/99650c4d-d8ef-4970-af65-b22b7fdf3543?source=api-prod","cve":"CVE-2024-43289","affectedVersions":"<=2.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/9cac5c66-d366-4a67-b29b-4efed67ab55b/wpforo","title":"wpForo Forum <= 2.3.4 - Authenticated (Subscriber+) Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"9cac5c66-d366-4a67-b29b-4efed67ab55b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9cac5c66-d366-4a67-b29b-4efed67ab55b?source=api-prod","cve":"CVE-2024-43288","affectedVersions":"<=2.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/a313f4d0-fd9e-47f1-99eb-351a2aff9bea/wpforo","title":"wpForo Forum <= 2.0.5 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-09-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"a313f4d0-fd9e-47f1-99eb-351a2aff9bea"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a313f4d0-fd9e-47f1-99eb-351a2aff9bea?source=api-prod","cve":"CVE-2022-40632","affectedVersions":"<=2.0.5","severity":"high"},{"advisoryId":"WPSECADV/WF/a82769ae-84b2-45e3-a637-c98e0c0e77a9/wpforo","title":"wpForo Forum <= 2.4.3 - Authenticated (Subscriber+) Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"a82769ae-84b2-45e3-a637-c98e0c0e77a9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a82769ae-84b2-45e3-a637-c98e0c0e77a9?source=api-prod","cve":"CVE-2025-31420","affectedVersions":"<=2.4.3","severity":"high"},{"advisoryId":"WPSECADV/WF/aa1eaac2-a23b-4ef6-803a-15f7ec7e5728/wpforo","title":"wpForo Forum <= 2.4.9 - Authenticated (Susbscriber+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-31 00:00:00","sources":[{"name":"Wordfence","remoteId":"aa1eaac2-a23b-4ef6-803a-15f7ec7e5728"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/aa1eaac2-a23b-4ef6-803a-15f7ec7e5728?source=api-prod","cve":"CVE-2025-11740","affectedVersions":"<=2.4.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/aa830c67-2860-489f-aa67-c7cc74437709/wpforo","title":"wpForo Forum <= 2.4.6 - Authenticated (Subscriber+) Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"aa830c67-2860-489f-aa67-c7cc74437709"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/aa830c67-2860-489f-aa67-c7cc74437709?source=api-prod","cve":"CVE-2025-58597","affectedVersions":"<=2.4.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/b3c65619-e96c-47e1-b42a-a85d0b5237d9/wpforo","title":"wpForo Forum <= 1.6.5 - Cross-Site Scripting via s parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-05-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"b3c65619-e96c-47e1-b42a-a85d0b5237d9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b3c65619-e96c-47e1-b42a-a85d0b5237d9?source=api-prod","cve":"CVE-2019-19110","affectedVersions":"<=1.6.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/bc406e8a-c4eb-45c3-a53c-37644e0dabfa/wpforo","title":"wpForo Forum <= 2.4.8 - Unauthenticated SQL Injection via get_members Function\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"bc406e8a-c4eb-45c3-a53c-37644e0dabfa"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bc406e8a-c4eb-45c3-a53c-37644e0dabfa?source=api-prod","cve":"CVE-2025-4203","affectedVersions":"<=2.4.8","severity":"high"},{"advisoryId":"WPSECADV/WF/c6070ea5-3231-4a36-b154-400c86eaf31b/wpforo","title":"wpForo Forum <= 3.0.4 - Unauthenticated SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"c6070ea5-3231-4a36-b154-400c86eaf31b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c6070ea5-3231-4a36-b154-400c86eaf31b?source=api-prod","cve":"CVE-2026-40798","affectedVersions":"<=3.0.4","severity":"high"},{"advisoryId":"WPSECADV/WF/ca46ea28-3115-4db1-8aeb-cbef731b0376/wpforo","title":"wpForo Forum <= 2.0.9 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"ca46ea28-3115-4db1-8aeb-cbef731b0376"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ca46ea28-3115-4db1-8aeb-cbef731b0376?source=api-prod","cve":"CVE-2022-40192","affectedVersions":"<=2.0.9","severity":"high"},{"advisoryId":"WPSECADV/WF/e35be8ee-81a3-42ce-8304-992bc75663fd/wpforo","title":"wpForo Forum <= 2.0.5 - Insecure Direct Object Reference to Forum Privacy Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-26 09:52:00","sources":[{"name":"Wordfence","remoteId":"e35be8ee-81a3-42ce-8304-992bc75663fd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e35be8ee-81a3-42ce-8304-992bc75663fd?source=api-prod","cve":"CVE-2022-40206","affectedVersions":"<=2.0.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/ebf84c6a-fd6c-4113-91ff-27c7564cabdb/wpforo","title":"wpForo Forum <= 1.9.6 - Open Redirect\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-06-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"ebf84c6a-fd6c-4113-91ff-27c7564cabdb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ebf84c6a-fd6c-4113-91ff-27c7564cabdb?source=api-prod","cve":"CVE-2021-24406","affectedVersions":"<=1.9.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/ee78642c-ad2a-4012-94e8-e01f71863791/wpforo","title":"wpForo Forum <= 2.0.5 - Insecure Direct Object Reference to Forum Status Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-09-26 09:03:00","sources":[{"name":"Wordfence","remoteId":"ee78642c-ad2a-4012-94e8-e01f71863791"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ee78642c-ad2a-4012-94e8-e01f71863791?source=api-prod","cve":"CVE-2022-40205","affectedVersions":"<=2.0.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/f215e320-8563-4d25-9963-ed3664b4901d/wpforo","title":"wpForo Forum <= 2.4.16 - Authenticated (Subscriber+) Arbitrary File Deletion via Post Body\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-03 22:11:24","sources":[{"name":"Wordfence","remoteId":"f215e320-8563-4d25-9963-ed3664b4901d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f215e320-8563-4d25-9963-ed3664b4901d?source=api-prod","cve":"CVE-2026-3666","affectedVersions":"<=2.4.16","severity":"high"},{"advisoryId":"WPSECADV/WF/f53700f8-9a9e-449c-8f7f-38724d74bd49/wpforo","title":"wpForo Forum <= 2.4.10 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"f53700f8-9a9e-449c-8f7f-38724d74bd49"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f53700f8-9a9e-449c-8f7f-38724d74bd49?source=api-prod","cve":"CVE-2025-66070","affectedVersions":"<=2.4.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/f54cdad2-88db-4604-8064-fa6175176760/wpforo","title":"wpForo Forum <= 2.3.3 - Authenticated (Contributor+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-31 19:39:04","sources":[{"name":"Wordfence","remoteId":"f54cdad2-88db-4604-8064-fa6175176760"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f54cdad2-88db-4604-8064-fa6175176760?source=api-prod","cve":"CVE-2024-3200","affectedVersions":"<=2.3.3","severity":"critical"},{"advisoryId":"WPSECADV/WF/fd1704ef-e259-40a3-974b-128145bc8a4a/wpforo","title":"wpForo Forum <= 2.4.12 - Unauthenticated SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-13 16:20:06","sources":[{"name":"Wordfence","remoteId":"fd1704ef-e259-40a3-974b-128145bc8a4a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fd1704ef-e259-40a3-974b-128145bc8a4a?source=api-prod","cve":"CVE-2025-13126","affectedVersions":"<=2.4.12","severity":"high"},{"advisoryId":"WPSECADV/WF/fea6ddd5-f168-471c-99eb-efc46d1bfeb9/wpforo","title":"wpForo Forum <= 1.4.12 - SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2018-05-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"fea6ddd5-f168-471c-99eb-efc46d1bfeb9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fea6ddd5-f168-471c-99eb-efc46d1bfeb9?source=api-prod","cve":"CVE-2018-11515","affectedVersions":"<=1.4.12","severity":"critical"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_796974682d776f6f636f6d6d657263652d776973686c697374811c9dc5_gen.json b/internal/data/assets/plugin_796974682d776f6f636f6d6d657263652d776973686c697374811c9dc5_gen.json index 11d29b4e..5b831d58 100644 --- a/internal/data/assets/plugin_796974682d776f6f636f6d6d657263652d776973686c697374811c9dc5_gen.json +++ b/internal/data/assets/plugin_796974682d776f6f636f6d6d657263652d776973686c697374811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/0088a97c-5a06-4500-a923-242499596aca/yith-woocommerce-wishlist","title":"YITH WooCommerce Wishlist <= 4.10.0 - Unauthenticated Wishlist Token Disclosure to Wishlist Item Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-18 14:28:55","sources":[{"name":"Wordfence","remoteId":"0088a97c-5a06-4500-a923-242499596aca"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0088a97c-5a06-4500-a923-242499596aca?source=api-prod","cve":"CVE-2025-12777","affectedVersions":"<=4.10.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/3737d7a0-76d6-4292-aa31-6ee2cb0e9575/yith-woocommerce-wishlist","title":"YITH WooCommerce Wishlist <= 2.1.2 - SQL Injection\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2018-01-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"3737d7a0-76d6-4292-aa31-6ee2cb0e9575"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3737d7a0-76d6-4292-aa31-6ee2cb0e9575?source=api-prod","affectedVersions":"<=2.1.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/3b34a0c6-3573-48c7-8edb-c9cf9503da06/yith-woocommerce-wishlist","title":"YIT Plugin Framework <= 3.3.8 - Authenticated Settings Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-10-31 00:00:00","sources":[{"name":"Wordfence","remoteId":"3b34a0c6-3573-48c7-8edb-c9cf9503da06"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3b34a0c6-3573-48c7-8edb-c9cf9503da06?source=api-prod","cve":"CVE-2019-16251","affectedVersions":"<=2.2.13","severity":"medium"},{"advisoryId":"WPSECADV/WF/603813a4-73e1-47fd-8a6c-9416d21b6c88/yith-woocommerce-wishlist","title":"YITH WooCommerce Wishlist <= 3.32.0 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"603813a4-73e1-47fd-8a6c-9416d21b6c88"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/603813a4-73e1-47fd-8a6c-9416d21b6c88?source=api-prod","cve":"CVE-2024-34385","affectedVersions":"<=3.32.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/6d4b0434-61ca-47b1-9119-7208283f916f/yith-woocommerce-wishlist","title":"YITH WooCommerce Wishlist <= 4.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-06-13 21:04:41","sources":[{"name":"Wordfence","remoteId":"6d4b0434-61ca-47b1-9119-7208283f916f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6d4b0434-61ca-47b1-9119-7208283f916f?source=api-prod","cve":"CVE-2025-5238","affectedVersions":"<=4.5.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/7e947678-a575-4b2c-8da1-4a801a7a642c/yith-woocommerce-wishlist","title":"YITH WooCommerce Wishlist < 4.13.0 - Unauthenticated Insecure Direct Object Reference to Wishlist Rename\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"7e947678-a575-4b2c-8da1-4a801a7a642c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7e947678-a575-4b2c-8da1-4a801a7a642c?source=api-prod","cve":"CVE-2026-4432","affectedVersions":"<4.13.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/b948574a-0aab-4596-83e6-04be21f78bc1/yith-woocommerce-wishlist","title":"YITH plugins by YITHEMES <= (Various Versions) - Missing Authorization\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"b948574a-0aab-4596-83e6-04be21f78bc1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b948574a-0aab-4596-83e6-04be21f78bc1?source=api-prod","affectedVersions":"<=3.14.0","severity":"high"},{"advisoryId":"WPSECADV/WF/f002d061-4e9d-49be-9d4c-c470ec97f653/yith-woocommerce-wishlist","title":"YITH plugins by YITHEMES <= (Various Versions) - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"f002d061-4e9d-49be-9d4c-c470ec97f653"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f002d061-4e9d-49be-9d4c-c470ec97f653?source=api-prod","cve":"CVE-2022-44630","affectedVersions":"<=3.14.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/ffdb95ac-6b22-44a9-bd5c-b802a2d908d7/yith-woocommerce-wishlist","title":"YITH WooCommerce Wishlist <= 4.10.0 - Unauthenticated Insecure Direct Object Reference to Unauthenticated Wishlist Rename\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-18 14:26:06","sources":[{"name":"Wordfence","remoteId":"ffdb95ac-6b22-44a9-bd5c-b802a2d908d7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ffdb95ac-6b22-44a9-bd5c-b802a2d908d7?source=api-prod","cve":"CVE-2025-12427","affectedVersions":"<=4.10.0","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/0088a97c-5a06-4500-a923-242499596aca/yith-woocommerce-wishlist","title":"YITH WooCommerce Wishlist <= 4.10.0 - Unauthenticated Wishlist Token Disclosure to Wishlist Item Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-18 14:28:55","sources":[{"name":"Wordfence","remoteId":"0088a97c-5a06-4500-a923-242499596aca"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0088a97c-5a06-4500-a923-242499596aca?source=api-prod","cve":"CVE-2025-12777","affectedVersions":"<=4.10.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/3737d7a0-76d6-4292-aa31-6ee2cb0e9575/yith-woocommerce-wishlist","title":"YITH WooCommerce Wishlist <= 2.1.2 - SQL Injection\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2018-01-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"3737d7a0-76d6-4292-aa31-6ee2cb0e9575"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3737d7a0-76d6-4292-aa31-6ee2cb0e9575?source=api-prod","affectedVersions":"<=2.1.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/3b34a0c6-3573-48c7-8edb-c9cf9503da06/yith-woocommerce-wishlist","title":"YIT Plugin Framework <= 3.3.8 - Authenticated Settings Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-10-31 00:00:00","sources":[{"name":"Wordfence","remoteId":"3b34a0c6-3573-48c7-8edb-c9cf9503da06"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3b34a0c6-3573-48c7-8edb-c9cf9503da06?source=api-prod","cve":"CVE-2019-16251","affectedVersions":"<=2.2.13","severity":"medium"},{"advisoryId":"WPSECADV/WF/603813a4-73e1-47fd-8a6c-9416d21b6c88/yith-woocommerce-wishlist","title":"YITH WooCommerce Wishlist <= 3.32.0 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"603813a4-73e1-47fd-8a6c-9416d21b6c88"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/603813a4-73e1-47fd-8a6c-9416d21b6c88?source=api-prod","cve":"CVE-2024-34385","affectedVersions":"<=3.32.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/6d4b0434-61ca-47b1-9119-7208283f916f/yith-woocommerce-wishlist","title":"YITH WooCommerce Wishlist <= 4.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-06-13 21:04:41","sources":[{"name":"Wordfence","remoteId":"6d4b0434-61ca-47b1-9119-7208283f916f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6d4b0434-61ca-47b1-9119-7208283f916f?source=api-prod","cve":"CVE-2025-5238","affectedVersions":"<=4.5.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/73f0e8f0-88cd-4994-ad85-a0cf3e825a7b/yith-woocommerce-wishlist","title":"YITH WooCommerce Wishlist <= 4.12.0 - Unauthenticated Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"73f0e8f0-88cd-4994-ad85-a0cf3e825a7b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/73f0e8f0-88cd-4994-ad85-a0cf3e825a7b?source=api-prod","cve":"CVE-2026-27329","affectedVersions":"<=4.12.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/7e947678-a575-4b2c-8da1-4a801a7a642c/yith-woocommerce-wishlist","title":"YITH WooCommerce Wishlist < 4.13.0 - Unauthenticated Insecure Direct Object Reference to Wishlist Rename\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"7e947678-a575-4b2c-8da1-4a801a7a642c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7e947678-a575-4b2c-8da1-4a801a7a642c?source=api-prod","cve":"CVE-2026-4432","affectedVersions":"<4.13.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/b948574a-0aab-4596-83e6-04be21f78bc1/yith-woocommerce-wishlist","title":"YITH plugins by YITHEMES <= (Various Versions) - Missing Authorization\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"b948574a-0aab-4596-83e6-04be21f78bc1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b948574a-0aab-4596-83e6-04be21f78bc1?source=api-prod","affectedVersions":"<=3.14.0","severity":"high"},{"advisoryId":"WPSECADV/WF/f002d061-4e9d-49be-9d4c-c470ec97f653/yith-woocommerce-wishlist","title":"YITH plugins by YITHEMES <= (Various Versions) - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"f002d061-4e9d-49be-9d4c-c470ec97f653"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f002d061-4e9d-49be-9d4c-c470ec97f653?source=api-prod","cve":"CVE-2022-44630","affectedVersions":"<=3.14.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/ffdb95ac-6b22-44a9-bd5c-b802a2d908d7/yith-woocommerce-wishlist","title":"YITH WooCommerce Wishlist <= 4.10.0 - Unauthenticated Insecure Direct Object Reference to Unauthenticated Wishlist Rename\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-18 14:26:06","sources":[{"name":"Wordfence","remoteId":"ffdb95ac-6b22-44a9-bd5c-b802a2d908d7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ffdb95ac-6b22-44a9-bd5c-b802a2d908d7?source=api-prod","cve":"CVE-2025-12427","affectedVersions":"<=4.10.0","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/theme_6176616e7465811c9dc5_gen.json b/internal/data/assets/theme_6176616e7465811c9dc5_gen.json new file mode 100644 index 00000000..d903ec0c --- /dev/null +++ b/internal/data/assets/theme_6176616e7465811c9dc5_gen.json @@ -0,0 +1 @@ +[{"advisoryId":"WPSECADV/WF/e753b8cd-8409-4bcf-9bee-0eb70179f3a3/avante","title":"Avante < 3.0.5 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"e753b8cd-8409-4bcf-9bee-0eb70179f3a3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e753b8cd-8409-4bcf-9bee-0eb70179f3a3?source=api-prod","cve":"CVE-2025-68524","affectedVersions":"<3.0.5","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets_gen.go b/internal/data/assets_gen.go index 994cf7b1..06492c43 100644 --- a/internal/data/assets_gen.go +++ b/internal/data/assets_gen.go @@ -318,6 +318,8 @@ var ( theme_6176616e6978811c9dc5 []byte //go:embed assets/theme_6176616e74616765811c9dc5_gen.json theme_6176616e74616765811c9dc5 []byte + //go:embed assets/theme_6176616e7465811c9dc5_gen.json + theme_6176616e7465811c9dc5 []byte //go:embed assets/theme_617669616e61811c9dc5_gen.json theme_617669616e61811c9dc5 []byte //go:embed assets/theme_617676656e74757265811c9dc5_gen.json @@ -4392,6 +4394,8 @@ func themeAdvisories(slug string) ([]byte, error) { return theme_6176616e6978811c9dc5, nil case "avantage": return theme_6176616e74616765811c9dc5, nil + case "avante": + return theme_6176616e7465811c9dc5, nil case "aviana": return theme_617669616e61811c9dc5, nil case "avventure": diff --git a/internal/data/assets_gen_test.go b/internal/data/assets_gen_test.go index 1490ea28..265a878b 100644 --- a/internal/data/assets_gen_test.go +++ b/internal/data/assets_gen_test.go @@ -2732,6 +2732,7 @@ func plugins() []string { "contextual-adminbar-color", "contextual-related-posts", "contexture-page-security", + "continually", "continue-shopping-from-cart-page", "continuous-announcement-scroller", "continuous-image-carousel-with-lightbox", @@ -4544,6 +4545,7 @@ func plugins() []string { "fast-wp", "fast-wp-speed", "fastbook-responsive-appointment-booking-and-scheduling-system", + "fastbots-ai-chatbots", "fastcgi-cache-purge-and-preload-nginx", "fastdup", "fastly", @@ -7644,6 +7646,7 @@ func plugins() []string { "most-and-least-read-posts-widget", "most-popular-posts-widget-lite", "motionger-elementor", + "motive-commerce-search", "motopress-hotel-booking-lite", "motopress-slider-lite", "motor-racing-league", @@ -12909,6 +12912,7 @@ func plugins() []string { "weluka-lite", "wemail", "wemanage-app-worker", + "wen-logo-slider", "wen-responsive-columns", "wens-responsive-column-layout-shortcodes", "wep-demo-import", @@ -15624,6 +15628,7 @@ func themes() []string { "avada", "avanix", "avantage", + "avante", "aviana", "avventure", "awake",