Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Saad Iqbal — Vulnerabilities & Security Advisories 37

Browse all 37 CVE security advisories affecting Saad Iqbal. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Saad Iqbal is a security researcher with thirty-seven assigned CVEs, primarily focusing on vulnerability discovery within widely used software ecosystems. His work predominantly targets remote code execution, cross-site scripting, and privilege escalation flaws, often affecting enterprise applications and open-source libraries. Iqbal’s contributions highlight systemic weaknesses in input validation and access control mechanisms, demonstrating a consistent pattern of identifying critical logic errors that allow unauthorized system access. Notable incidents include disclosures that forced immediate patches for high-profile platforms, underscoring the severity of the identified defects. His research emphasizes the importance of rigorous code auditing and secure development practices. By documenting these vulnerabilities, Iqbal aids developers in strengthening their security postures, reducing the attack surface for potential adversaries, and promoting broader industry awareness regarding common exploitation vectors in modern software architectures.

Top products by Saad Iqbal: myCred Post SMTP New User Approve AppExperts User Management License Manager for WooCommerce Quick Contact Form Post Snippets WPExperts Square For GiveWP myCred Elementor Gutena Kit – Gutenberg Blocks and Templates Advanced File Manager Bookify All In One Login User Avatar - Reloaded WP EasyPay
CVE IDTitleCVSSSeverityPublished
CVE-2026-25390 WordPress New User Approve plugin <= 3.2.3 - Broken Access Control vulnerability — New User ApproveCWE-862 6.5 Medium2026-03-25
CVE-2026-25001 WordPress Post Snippets plugin <= 4.0.12 - Remote Code Execution (RCE) vulnerability — Post SnippetsCWE-94 8.5 High2026-03-25
CVE-2026-32587 WordPress WP EasyPay plugin <= 4.2.11 - Broken Access Control vulnerability — WP EasyPayCWE-862 5.4 Medium2026-03-16
CVE-2025-69063 WordPress New User Approve plugin <= 3.2.0 - Broken Access Control vulnerability — New User ApproveCWE-862 8.6 High2026-02-20
CVE-2026-27440 WordPress myCred plugin <= 2.9.7.6 - Cross Site Scripting (XSS) vulnerability — myCredCWE-79 6.5 Medium2026-02-19
CVE-2026-24951 WordPress myCred plugin <= 2.9.7.3 - Broken Access Control vulnerability — myCredCWE-862 4.3 Medium2026-02-03
CVE-2025-68881 WordPress AppExperts plugin <= 1.4.5 - SQL Injection vulnerability — AppExpertsCWE-89 8.5 High2026-01-22
CVE-2025-63040 WordPress Post Snippets plugin <= 4.0.11 - Cross Site Request Forgery (CSRF) vulnerability — Post SnippetsCWE-352 4.3 Medium2025-12-31
CVE-2025-68080 WordPress User Avatar - Reloaded plugin <= 1.2.2 - Cross Site Scripting (XSS) vulnerability — User Avatar - ReloadedCWE-79 6.5 Medium2025-12-16
CVE-2025-63030 WordPress New User Approve plugin <= 3.2.3 - Cross Site Request Forgery (CSRF) vulnerability — New User ApproveCWE-352 7.1 High2025-12-09
CVE-2025-67563 WordPress Post SMTP plugin <= 3.6.1 - Broken Access Control vulnerability — Post SMTPCWE-862 5.3 Medium2025-12-09
CVE-2025-67471 WordPress Quick Contact Form plugin <= 8.2.5 - Cross Site Request Forgery (CSRF) vulnerability — Quick Contact FormCWE-352 4.3 Medium2025-12-09
CVE-2025-58595 WordPress All In One Login plugin <= 2.0.8 - Bypass Vulnerability vulnerability — All In One LoginCWE-290 5.3 Medium2025-11-06
CVE-2025-53218 WordPress AppExperts plugin <= 1.4.5 - Sensitive Data Exposure vulnerability — AppExpertsCWE-201 5.8 Medium2025-10-22
CVE-2025-58788 WordPress License Manager for WooCommerce Plugin <= 3.0.12 - SQL Injection Vulnerability — License Manager for WooCommerceCWE-89 7.6 High2025-09-05
CVE-2025-48142 WordPress Bookify <= 1.0.9 - Privilege Escalation Vulnerability — BookifyCWE-266 8.8 High2025-08-20
CVE-2025-54668 WordPress myCred plugin <= 2.9.4.3 - Cross Site Scripting (XSS) Vulnerability — myCredCWE-79 6.5 Medium2025-08-14
CVE-2025-54667 WordPress myCred plugin <= 2.9.4.3 - Race Condition Vulnerability — myCredCWE-367 5.3 Medium2025-08-14
CVE-2025-24000 WordPress Post SMTP plugin <= 3.2.0 - Account Takeover Vulnerability — Post SMTPCWE-288 8.8 High2025-08-07
CVE-2025-49857 WordPress myCred plugin <= 2.9.4.2 - Broken Access Control Vulnerability — myCredCWE-862 4.3 Medium2025-06-17
CVE-2025-49872 WordPress myCred plugin <= 2.9.4.2 - Broken Access Control Vulnerability — myCredCWE-862 5.3 Medium2025-06-17
CVE-2025-48245 WordPress Quick Contact Form plugin <= 8.2.1 - Reflected Cross Site Scripting (XSS) vulnerability — Quick Contact FormCWE-79 7.1 High2025-05-23
CVE-2025-47688 WordPress Advanced File Manager plugin <= 5.3.1 - Broken Access Control to Notice Dismissal vulnerability — Advanced File ManagerCWE-862 5.3 Medium2025-05-07
CVE-2025-32522 WordPress License Manager for WooCommerce plugin <= 3.0.9 - Reflected Cross Site Scripting (XSS) vulnerability — License Manager for WooCommerceCWE-79 7.1 High2025-04-17
CVE-2025-31805 WordPress Gutena Kit plugin <= 2.0.7 - Cross Site Scripting (XSS) vulnerability — Gutena Kit – Gutenberg Blocks and TemplatesCWE-79 6.5 Medium2025-04-01
CVE-2025-30609 WordPress AppExperts plugin <= 1.4.3 - Sensitive Data Exposure Vulnerability — AppExpertsCWE-201 5.3 Medium2025-03-24
CVE-2025-22736 WordPress User Management plugin <= 1.2 - Privilege Escalation vulnerability — User ManagementCWE-266 8.8 High2025-01-15
CVE-2025-22800 WordPress Post SMTP plugin <= 2.9.11 - Broken Access Control vulnerability — Post SMTPCWE-862 4.3 Medium2025-01-13
CVE-2024-54323 WordPress New User Approve plugin <= 2.6.2 - Broken Access Control vulnerability — New User ApproveCWE-862 5.4 Medium2024-12-13
CVE-2024-52436 WordPress Post SMTP plugin <= 2.9.9 - SQL Injection vulnerability — Post SMTPCWE-89 7.6 High2024-11-18

This page lists every published CVE security advisory associated with Saad Iqbal. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.