Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 231+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
WP MultiTasking <= 0.1.12 Reflected XSS via Shortcode
wpscan.com · 2024-09-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: WP MultiTasking <= 0.1.12 2. **Vulnerability Type**: Reflected XSS via Shortcod…

Read more
WordPress Plugin TrueBooker CSRF Vulnerability (CVE-2024-6925) Analysis
wpscan.com · 2024-09-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: TrueBooker <= 1.0.2 2. **Vulnerability Type**: CSRF (Cross-Site Request Forgery…

Read more
WordPress Plugin Popup Maker <1.19.1 Stored XSS Vulnerability (CVE-2024-5561)
wpscan.com · 2024-09-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Popup Maker < 1.19.1 2. **Vulnerability Type**: Admin+ Stored XSS 3. **Descript…

Read more
WordPress Snapshot Backup <= 2.1.1 CSRF Leading to Stored XSS (CVE-2024-7689)
wpscan.com · 2024-09-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Snapshot Backup <= 2.1.1 2. **Vulnerability Type**: CSRF (Cross-Site Request Fo…

Read more
CVE-2024-7688: AZIndex WordPress Plugin CSRF Index Deletion Vulnerability
wpscan.com · 2024-09-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: AZIndex <= 0.8.1 2. **Vulnerability Type**: Index Deletion via CSRF 3. **Descri…

Read more
WordPress AZIndex <= 0.8.1 CSRF Leading to Stored XSS (CVE-2024-7687)
wpscan.com · 2024-09-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: AZIndex <= 0.8.1 2. **Vulnerability Type**: CSRF (Cross-Site Request Forgery) 3…

Read more
WordPress Pocket Widget <= 0.1.3 Stored XSS Vulnerability (CVE-2024-7918)
wpscan.com · 2024-09-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Pocket Widget alert(2)` - Save the settings and observe the XSS execution 5. **…

Read more
WP ULike < 4.7.2.1 Stored XSS Vulnerability (CVE-2024-6792)
wpscan.com · 2024-09-07

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: WP ULike < 4.7.2.1 - Subscriber+ Stored-XSS 2. **Description**: The plugin fail…

Read more
CVE-2024-6846: SmartSearchWP Unauthenticated Log Purge Vulnerability
wpscan.com · 2024-09-06

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: SmartSearchWP <= 2.4.4 2. **Vulnerability Type**: Unauthenticated Log Purge 3. …

Read more
Reflected XSS in WordPress Sign-up Sheets Plugin < 2.2.13
wpscan.com · 2024-09-05

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Plugin Name**: Sign-up Sheets < 2.2.13 2. **Vulnerability Type**: Reflected XSS 3. **Description**: The …

Read more
Stored XSS in WordPress Plugin Secure Copy Content Protection < 4.1.7
wpscan.com · 2024-09-05

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Secure Copy Content Protection and Content Locking < 4.1.7 - Admin+ Stored XSS …

Read more
WordPress Chatbot Support AI <=1.0.2 Admin Stored XSS Vulnerability
wpscan.com · 2024-09-05

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Plugin Name**: Chatbot Support AI ` - Save changes - Visit the homepage containing the chatbot page and …

Read more
WordPress Plugin Viral Signup SQL Injection Vulnerability (CVE-2024-6926)
wpscan.com · 2024-09-05

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Viral Signup <= 2.1 2. **Vulnerability Type**: SQL Injection (SQLi) 3. **Descri…

Read more
WordPress Secure Copy Content Protection Stored XSS Vulnerability (CVE-2024-6388)
wpscan.com · 2024-09-05

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Plugin Name**: Secure Copy Content Protection and Content Locking < 4.1.7 - Admin+ Stored XSS 2. **Descr…

Read more
WordPress Sensei LMS Unauthenticated Email Template Disclosure
wpscan.com · 2024-09-05

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Sensei LMS /index.php/wp-json/wp/v2/sensei_email/` reveals the IDs of email tem…

Read more
CVE-2024-7691: Unauthenticated Stored XSS in Flaming Forms <= 1.0.1
wpscan.com · 2024-09-03

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Flaming Forms alert(1)"` into any field of the contact form and submit it. - St…

Read more
Ninja Forms Reflected XSS Vulnerability (CVE-2024-7354)
wpscan.com · 2024-09-03

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Plugin Name**: Ninja Forms 3.8.6–3.8.10 2. **Vulnerability Type**: Reflected Cross-Site Scripting (XSS) …

Read more
WordPress Plugin Flaming Forms <=1.0.1 Reflected XSS Vulnerability
wpscan.com · 2024-09-03

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Plugin Name**: Flaming Forms <= 1.0.1 2. **Vulnerability Type**: Reflected Cross-Site Scripting (XSS) 3.…

Read more
WordPress DN Popup CSRF Vulnerability Analysis (CVE-2024-7690)
wpscan.com · 2024-09-03

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: DN Popup <= 1.2.2 2. **Vulnerability Type**: CSRF (Cross-Site Request Forgery) …

Read more
WordPress Web Directory Free <1.7.3 Unauthenticated LFI Vulnerability (CVE-2024-3673)
wpscan.com · 2024-08-31

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Web Directory Free < 1.7.3 2. **Vulnerability Type**: Unauthenticated LFI (Loca…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.