Security Intel Hub 231+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Filter

KEV only

Verified PoC

Clear filters

WordPress RafflePress < 1.12.16 Editor+ Stored XSS Vulnerability

wpscan.com · 2024-09-13

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: Giveaways and Contests by RafflePress Giveaways” - Edit a default giveaw…

WordPress CM Pop-Up Banners < 1.7.3 Contributor+ Stored XSS Vulnerability

wpscan.com · 2024-09-13

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: CM Pop-Up Banners for WordPress ` - Enable the “Show on every page” option in t…

Authenticated Blind SQL Injection in WP Plugin Adicon Server <=1.2 (CVE-2024-7766)

wpscan.com · 2024-09-13

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Adicon Server <= 1.2 2. **Vulnerability Type**: SQL Injection (SQLi) 3. **Plugi…

CVE-2024-7822: Stored XSS in Quick Code Plugin

wpscan.com · 2024-09-13

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Quick Code <= 1.0 2. **Vulnerability Type**: XSS (Cross-Site Scripting) 3. **Vu…

Misiek Photo Album <=1.4.3 Stored XSS via CSRF (CVE-2024-7818)

wpscan.com · 2024-09-13

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Misiek Photo Album <= 1.4.3 2. **Vulnerability Type**: Stored XSS (via CSRF) 3.…

CVE-2024-7860: Simple Headline Rotator Stored XSS via CSRF

wpscan.com · 2024-09-13

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Simple Headline Rotator document.forms[0].submit(); ``` 5. **Affected Plugin**:…

WordPress Misiek Photo Album <=1.4.3 CSRF Album Deletion Vulnerability (CVE-2024-7817)

wpscan.com · 2024-09-13

CVE-2024-7861: Stored XSS in Misiek Paypal Plugin <= 1.1.20090324

wpscan.com · 2024-09-13

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Misiek Paypal <= 1.1.20090324 2. **Vulnerability Type**: XSS (Cross-Site Script…

CVE-2024-7862: WordPress Blog Introduction Plugin CSRF Vulnerability

wpscan.com · 2024-09-13

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Vulnerability Name**: Blog Introduction <= 0.3.0 - Settings Update via CSRF 2. **Description**…

WordPress ILC Thickbox CSRF Vulnerability (CVE-2024-7820) Advisory

wpscan.com · 2024-09-13

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: ILC Thickbox <= 1.0 2. **Vulnerability Type**: CSRF (Cross-Site Request Forgery…

Stored XSS in WordPress GS Logo Slider Lite < 3.6.9 via Shortcode Settings

wpscan.com · 2024-09-12

From this webpage screenshot, the following key information about the vulnerability can be extracted: 1. **Plugin Name**: GS Logo Slider Lite < 3.6.9 2. **Vulnerability Type**: Admin+ Stored XSS 3. **…

WordPress Floating Contact Button Plugin Admin Stored XSS Vulnerability Analysis

wpscan.com · 2024-09-11

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Floating Contact Button <` - Click the adjacent "jQuery" button. - Click "Save …

WordPress Starbox < 3.5.2 Admin Stored XSS Vulnerability

wpscan.com · 2024-09-11

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Plugin Name**: Starbox < 3.5.2 2. **Vulnerability Type**: Admin+ Stored XSS 3. **Description**: The plug…

WP MultiTasking <= 0.1.12 CSRF Vulnerability (CVE-2024-6852)

wpscan.com · 2024-09-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: WP MultiTasking <= 0.1.12 2. **Vulnerability Type**: CSRF (Cross-Site Request F…

WP MultiTasking <= 0.1.12 CSRF Vulnerability (CVE-2024-6856) Analysis

wpscan.com · 2024-09-10

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Plugin Name**: WP MultiTasking <= 0.1.12 2. **Vulnerability Type**: SMTP Settings Update via CSRF 3. **D…

WordPress Opti Marketing SQL Injection Vulnerability (CVE-2024-6928)

wpscan.com · 2024-09-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Opti Marketing <= 2.0.9 2. **Vulnerability Type**: SQL Injection (SQLi) 3. **De…

WordPress TrueBooker <= 1.0.2 SQL Injection Vulnerability (CWE-89) with PoC

wpscan.com · 2024-09-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: TrueBooker <= 1.0.2 2. **Vulnerability Type**: SQL Injection (SQLi) 3. **Descri…

WP MultiTasking <= 0.1.12 CSRF Vulnerability (CVE-2024-6855)

wpscan.com · 2024-09-10

WordPress EventON <2.2.17 Admin Stored XSS Vulnerability

wpscan.com · 2024-09-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: EventON < 2.2.17 - Admin+ Stored XSS 2. **Description**: The plugin does not sa…

WP MultiTasking <= 0.1.12 CSRF Vulnerability (CVE-2024-6853)

wpscan.com · 2024-09-10

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.

Goal Reached Thanks to every supporter — we hit 100%!

Security Intel Hub 231+