Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Security Intel Hub 231+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Examples: RCE · SSRF · GHSA · log4j
Filter
Clear filters
WP ULike <4.7.5 Stored XSS via Widgets (CVE-2024-7879)
wpscan.com · 2024-11-09

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: WP ULike < 4.7.5 2. **Vulnerability Type**: Admin+ Stored XSS via Widgets 3. **…

Read more
WordPress Post From Frontend Plugin CSRF Vulnerability (CVE-2024-9689)
wpscan.com · 2024-11-09

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Post From Frontend <= 1.0.0 2. **Vulnerability Type**: Post Deletion via CSRF 3…

Read more
WordPress Pods Plugin < 3.2.7.1 Stored XSS Vulnerability (CVE-2024-9883)
wpscan.com · 2024-11-09

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Pods < 3.2.7.1 2. **Vulnerability Type**: Admin+ Stored XSS 3. **Description**:…

Read more
WordPress Table of Contents Plus <= 2408 Stored XSS Vulnerability (CVE-2024-5578)
wpscan.com · 2024-11-09

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Plugin Name**: Table of Contents Plus <= 2408 - Editor+ Stored XSS 2. **Description**: The plugin does n…

Read more
Stored XSS in WordPress Appointment Booking Calendar Plugin (CVE-2024-7877)
wpscan.com · 2024-11-09

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Appointment Booking Calendar “Settings” > “Notifications”. - Step 2: Click “Add…

Read more
WordPress simply-schedule-appointments < 1.6.7.55 CVE-2024-7876 Stored XSS Vulnerability
wpscan.com · 2024-11-09

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Appointment Booking Calendar ` - Step 5: Leave other fields as is and save. - S…

Read more
WordPress Download Manager < 3.3.00 Contributor+ Stored XSS Vulnerability
wpscan.com · 2024-11-03

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: `Download Manager < 3.3.00 - Contributor+ Stored XSS` 2. **Description**: Certa…

Read more
WordPress TS Poll < 2.4.0 Admin SQL Injection Vulnerability
wpscan.com · 2024-10-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: TS Poll - Survey, Versus Poll, Image Poll, Video Poll < 2.4.0 2. **Vulnerabilit…

Read more
WP-Advanced-Search <3.3.9.2 Unauthenticated SQL Injection (CVE-2024-9796)
wpscan.com · 2024-10-12

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Plugin Name**: WP-Advanced-Search < 3.3.9.2 2. **Vulnerability Type**: SQL Injection (SQLi) 3. **Affecte…

Read more
Stored XSS in WordPress Photo Gallery by 10Web <= 1.8.27
wpscan.com · 2024-10-10

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Photo Gallery by 10Web <= 1.8.27 2. **Vulnerability Type**: Admin+ Stored XSS 3…

Read more
WordPress Relevanssi <4.23.1 Stored XSS Vulnerability (CVE-2024-9021)
wpscan.com · 2024-10-09

From this webpage screenshot, the following key vulnerability information can be extracted: 1. **Plugin Name**: Relevanssi < 4.23.1 - Contributor+ Stored XSS 2. **Description**: A vulnerability was di…

Read more
WordPress Custom Twitter Feeds < 2.2.3 CVE-2024-8983 Admin Stored XSS
wpscan.com · 2024-10-09

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Custom Twitter Feeds < 2.2.3 2. **Vulnerability Type**: Admin+ Stored XSS 3. **…

Read more
WPvivid Backup Plugin Unauthenticated Sensitive Data Exposure (CVE-2024-7315)
wpscan.com · 2024-10-03

From this webpage screenshot, the following key vulnerability information can be extracted: 1. **Plugin Name**: Migration, Backup, Staging - WPvivid < 0.9.106 2. **Vulnerability Type**: Unauthenticate…

Read more
WordPress The Post Grid < 7.5.0 Stored XSS via Grid Creation
wpscan.com · 2024-10-01

From this webpage screenshot, the following key vulnerability information can be extracted: 1. **Plugin Name**: The Post Grid Add New Grid”. - Step 2: In the “Style” section, add the payload `123"asda…

Read more
WordPress Starbox <3.5.3 Contributor+ Stored XSS Vulnerability
wpscan.com · 2024-10-01

From this webpage screenshot, the following key information about the vulnerability can be extracted: 1. **Plugin Name**: Starbox < 3.5.3 2. **Vulnerability Type**: Contributor+ Stored XSS 3. **Descri…

Read more
WordPress Cost Calculator Builder <3.2.29 Authenticated SQL Injection (CVE-2024-8379)
wpscan.com · 2024-10-01

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Cost Calculator Builder < 3.2.29 2. **Vulnerability Type**: SQL Injection 3. **…

Read more
Stored XSS in Slider by 10Web WordPress Plugin < 1.2.59
wpscan.com · 2024-10-01

From this webpage screenshot, the following key information about the vulnerability can be extracted: 1. **Plugin Name**: Slider by 10Web < 1.2.59 2. **Vulnerability Type**: Admin+ Stored XSS 3. **Des…

Read more
WordPress Ultimate Blocks <3.2.2 Contributor+ Stored XSS (CVE-2024-8536)
wpscan.com · 2024-10-01

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: Ultimate Blocks < 3.2.2 - Contributor+ Stored XSS 2. **Description**: The plugi…

Read more
Stored XSS in WordPress Quiz and Survey Master Plugin (CVE-2024-8758)
wpscan.com · 2024-09-24

From this webpage screenshot, the following key vulnerability information can be obtained: 1. **Plugin Name**: Quiz and Survey Master (QSM) < 9.1.3 2. **Vulnerability Type**: Author+ Stored XSS 3. **D…

Read more
YITH WooCommerce Ajax Search <2.7.1 XSS Vulnerability (CVE-2024-7846)
wpscan.com · 2024-09-24

From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. **Plugin Name**: YITH WooCommerce Ajax Search < 2.7.1 2. **Vulnerability Type**: XSS (Cross-Site…

Read more

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.