diff --git a/internal/data/assets/plugin_637573746f6d2d726567697374726174696f6e2d666f726d2d6275696c6465722d776974682d7375626d697373696f6e2d6d616e61676572811c9dc5_gen.json b/internal/data/assets/plugin_637573746f6d2d726567697374726174696f6e2d666f726d2d6275696c6465722d776974682d7375626d697373696f6e2d6d616e61676572811c9dc5_gen.json index 9866f3e8..6ba61822 100644 --- a/internal/data/assets/plugin_637573746f6d2d726567697374726174696f6e2d666f726d2d6275696c6465722d776974682d7375626d697373696f6e2d6d616e61676572811c9dc5_gen.json +++ b/internal/data/assets/plugin_637573746f6d2d726567697374726174696f6e2d666f726d2d6275696c6465722d776974682d7375626d697373696f6e2d6d616e61676572811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/0633bf06-6580-4feb-b98a-c465df3e2bed/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.6.9 - Unauthenticated Payment Bypass via rm_process_paypal_sdk_payment\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-17 21:54:57","sources":[{"name":"Wordfence","remoteId":"0633bf06-6580-4feb-b98a-c465df3e2bed"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0633bf06-6580-4feb-b98a-c465df3e2bed?source=api-prod","cve":"CVE-2025-14444","affectedVersions":"<=6.0.6.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/0d041b14-0d05-4bfe-bd5c-7e06d7b108b8/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.3.0 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"0d041b14-0d05-4bfe-bd5c-7e06d7b108b8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0d041b14-0d05-4bfe-bd5c-7e06d7b108b8?source=api-prod","cve":"CVE-2023-49831","affectedVersions":"<=5.2.3.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/184b9ae4-945a-4602-99da-679ff9db3029/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 6.0.1.0 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"184b9ae4-945a-4602-99da-679ff9db3029"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/184b9ae4-945a-4602-99da-679ff9db3029?source=api-prod","cve":"CVE-2024-43317","affectedVersions":"<=6.0.1.0","severity":"high"},{"advisoryId":"WPSECADV/WF/1c23d163-1053-403f-80bc-ea8f76fff4e2/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms and User Login <= 4.6.0.3 - Cross-Site Request Forgery to Settings Modification\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-03-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"1c23d163-1053-403f-80bc-ea8f76fff4e2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1c23d163-1053-403f-80bc-ea8f76fff4e2?source=api-prod","cve":"CVE-2020-9454","affectedVersions":"<4.6.0.4","severity":"high"},{"advisoryId":"WPSECADV/WF/241dc2e4-b079-407b-b610-c40b23d038cb/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms and User Login <= 4.6.0.3 - Authenticated Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-03-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"241dc2e4-b079-407b-b610-c40b23d038cb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/241dc2e4-b079-407b-b610-c40b23d038cb?source=api-prod","cve":"CVE-2020-9456","affectedVersions":"<4.6.0.4","severity":"critical"},{"advisoryId":"WPSECADV/WF/24986bbe-6584-4d0a-829c-684c60527482/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – User Registration Forms Plugin <= 6.0.8.6 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"24986bbe-6584-4d0a-829c-684c60527482"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/24986bbe-6584-4d0a-829c-684c60527482?source=api-prod","cve":"CVE-2026-49764","affectedVersions":"<=6.0.8.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/24f2eafc-c8eb-4d78-af5e-1a589d7e4d21/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.3.2.0 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"24f2eafc-c8eb-4d78-af5e-1a589d7e4d21"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/24f2eafc-c8eb-4d78-af5e-1a589d7e4d21?source=api-prod","cve":"CVE-2024-33947","affectedVersions":"<=5.3.2.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/26d70dee-c098-40f1-962a-db56791ae221/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.5.9 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"26d70dee-c098-40f1-962a-db56791ae221"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/26d70dee-c098-40f1-962a-db56791ae221?source=api-prod","cve":"CVE-2024-25935","affectedVersions":"<=5.2.5.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/2d010e55-d57a-49f7-a991-76b676b88f1e/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.4.1 - Reflected Cross-Site Scripting via section_id\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-10-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"2d010e55-d57a-49f7-a991-76b676b88f1e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2d010e55-d57a-49f7-a991-76b676b88f1e?source=api-prod","cve":"CVE-2023-51509","affectedVersions":"<5.2.4.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/41985e86-eda4-4914-a7f8-3758afcc6193/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 6.0.0.1 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"41985e86-eda4-4914-a7f8-3758afcc6193"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/41985e86-eda4-4914-a7f8-3758afcc6193?source=api-prod","cve":"CVE-2024-39643","affectedVersions":"<=6.0.0.1","severity":"high"},{"advisoryId":"WPSECADV/WF/4532cb38-453b-460c-879d-6f0e1caacafc/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.6.2 - Authenticated (Administrator+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-07 16:05:36","sources":[{"name":"Wordfence","remoteId":"4532cb38-453b-460c-879d-6f0e1caacafc"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4532cb38-453b-460c-879d-6f0e1caacafc?source=api-prod","cve":"CVE-2025-11204","affectedVersions":"<=6.0.6.2","severity":"high"},{"advisoryId":"WPSECADV/WF/4b37b57c-4a11-4971-b38f-12c70d71b76b/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.5.0 - IP Spoofing\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"4b37b57c-4a11-4971-b38f-12c70d71b76b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4b37b57c-4a11-4971-b38f-12c70d71b76b?source=api-prod","cve":"CVE-2023-51543","affectedVersions":"<=5.2.5.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/4b71b187-2e05-4bea-9177-cbf66fe08a44/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic - Custom Registration Forms, User Registration and User Login Plugin <= 4.6.0.2 - SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-02-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"4b71b187-2e05-4bea-9177-cbf66fe08a44"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4b71b187-2e05-4bea-9177-cbf66fe08a44?source=api-prod","cve":"CVE-2020-8435","affectedVersions":"<4.6.0.3","severity":"high"},{"advisoryId":"WPSECADV/WF/4be512bd-190a-415a-bd20-a49373f63fbb/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 6.0.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'RM_Forms' Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-15 02:16:59","sources":[{"name":"Wordfence","remoteId":"4be512bd-190a-415a-bd20-a49373f63fbb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4be512bd-190a-415a-bd20-a49373f63fbb?source=api-prod","cve":"CVE-2025-13610","affectedVersions":"<=6.0.6.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/52efc168-fed9-45c6-9a2c-1e3a198f71f9/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.0.2.1 - SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-02-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"52efc168-fed9-45c6-9a2c-1e3a198f71f9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/52efc168-fed9-45c6-9a2c-1e3a198f71f9?source=api-prod","cve":"CVE-2022-0420","affectedVersions":"<5.0.2.2","severity":"high"},{"advisoryId":"WPSECADV/WF/547e5814-0201-4dbf-9d2d-8028ca055402/custom-registration-form-builder-with-submission-manager","title":"Registration Magic <= 5.0.1.8 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-12-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"547e5814-0201-4dbf-9d2d-8028ca055402"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/547e5814-0201-4dbf-9d2d-8028ca055402?source=api-prod","cve":"CVE-2021-24648","affectedVersions":"<=5.0.1.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/63099a49-913f-428d-b9a4-85e1bc5afe56/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 6.0.7.6 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"63099a49-913f-428d-b9a4-85e1bc5afe56"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/63099a49-913f-428d-b9a4-85e1bc5afe56?source=api-prod","cve":"CVE-2026-32385","affectedVersions":"<=6.0.7.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/6478cdbc-a20e-4fe2-bbd6-8a550e5da895/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.1.0 - Authenticated (Contributor+) SQL Injection via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"6478cdbc-a20e-4fe2-bbd6-8a550e5da895"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6478cdbc-a20e-4fe2-bbd6-8a550e5da895?source=api-prod","cve":"CVE-2024-1990","affectedVersions":"<=5.3.1.0","severity":"high"},{"advisoryId":"WPSECADV/WF/68dd9f6f-ccee-4a27-bd21-2fb32b92cc62/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 6.0.7.1 - Unauthenticated Privilege Escalation via admin_order\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-16 13:22:33","sources":[{"name":"Wordfence","remoteId":"68dd9f6f-ccee-4a27-bd21-2fb32b92cc62"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/68dd9f6f-ccee-4a27-bd21-2fb32b92cc62?source=api-prod","cve":"CVE-2025-15403","affectedVersions":"<=6.0.7.1","severity":"critical"},{"advisoryId":"WPSECADV/WF/6f6883e4-3de6-4ca9-a26c-0b4f3bd5b70f/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic - Custom Registration Forms <= 3.7.9.4 - Reflected Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2017-12-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"6f6883e4-3de6-4ca9-a26c-0b4f3bd5b70f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6f6883e4-3de6-4ca9-a26c-0b4f3bd5b70f?source=api-prod","affectedVersions":"<=3.7.9.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/6fde9239-edac-4f85-be12-80825595a332/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic - Custom Registration Forms <= 3.8.0.4 - SQL Injection\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2017-12-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"6fde9239-edac-4f85-be12-80825595a332"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6fde9239-edac-4f85-be12-80825595a332?source=api-prod","affectedVersions":"<=3.8.0.4","severity":"high"},{"advisoryId":"WPSECADV/WF/766e3966-157a-4db3-9179-813032343f76/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.0.0 - Authenticated (Subscriber+) Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"766e3966-157a-4db3-9179-813032343f76"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/766e3966-157a-4db3-9179-813032343f76?source=api-prod","cve":"CVE-2024-1991","affectedVersions":"<=5.3.0.0","severity":"high"},{"advisoryId":"WPSECADV/WF/7dcde10d-4eb7-42fe-926e-05e56affc521/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.2.6 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"7dcde10d-4eb7-42fe-926e-05e56affc521"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7dcde10d-4eb7-42fe-926e-05e56affc521?source=api-prod","cve":"CVE-2023-47645","affectedVersions":"<=5.2.2.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/7f7d16d2-ecc0-4352-b7b9-2c3242f43dbf/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms and User Login <= 4.6.0.3 - Authenticated Settings and User Data Export\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-03-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"7f7d16d2-ecc0-4352-b7b9-2c3242f43dbf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7f7d16d2-ecc0-4352-b7b9-2c3242f43dbf?source=api-prod","cve":"CVE-2020-9458","affectedVersions":"<4.6.0.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/86ebb3d1-5fd1-48cb-95b7-f82014323f01/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.5.0 - Form Submission Limit Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"86ebb3d1-5fd1-48cb-95b7-f82014323f01"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/86ebb3d1-5fd1-48cb-95b7-f82014323f01?source=api-prod","cve":"CVE-2023-51544","affectedVersions":"<=5.2.5.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/87ec5542-b6e7-4b18-a3ec-c258e749d32e/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.1.0 - Authentication Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-05-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"87ec5542-b6e7-4b18-a3ec-c258e749d32e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/87ec5542-b6e7-4b18-a3ec-c258e749d32e?source=api-prod","cve":"CVE-2023-2499","affectedVersions":"<=5.2.1.0","severity":"critical"},{"advisoryId":"WPSECADV/WF/91a83f52-069e-4611-9b46-4a1913e23f42/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic < 6.0.7.2 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"91a83f52-069e-4611-9b46-4a1913e23f42"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/91a83f52-069e-4611-9b46-4a1913e23f42?source=api-prod","cve":"CVE-2026-0929","affectedVersions":"<6.0.7.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/9396c350-d72e-472b-8cbc-44edce557256/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.5.9 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"9396c350-d72e-472b-8cbc-44edce557256"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9396c350-d72e-472b-8cbc-44edce557256?source=api-prod","cve":"CVE-2024-29113","affectedVersions":"<=5.2.5.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/9b378df7-b182-4a56-a7fa-3228c06f960f/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic Plugin <= 5.2.4.5 - Authenticated(Administrator+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"9b378df7-b182-4a56-a7fa-3228c06f960f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9b378df7-b182-4a56-a7fa-3228c06f960f?source=api-prod","cve":"CVE-2023-50846","affectedVersions":"<5.2.4.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/9c0c3932-bdb0-4edb-bfec-2ed52cbc5cb6/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.4.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"9c0c3932-bdb0-4edb-bfec-2ed52cbc5cb6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9c0c3932-bdb0-4edb-bfec-2ed52cbc5cb6?source=api-prod","cve":"CVE-2025-2836","affectedVersions":"<=6.0.4.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/a023cdc5-3814-4120-86b2-6a60d385f898/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms and User Login <= 4.6.0.3 - Authenticated Email Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-03-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"a023cdc5-3814-4120-86b2-6a60d385f898"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a023cdc5-3814-4120-86b2-6a60d385f898?source=api-prod","cve":"CVE-2020-9455","affectedVersions":"<=4.6.0.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/b6da046f-a16f-4a93-b3c6-04270538b7a9/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.3.0.0 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"b6da046f-a16f-4a93-b3c6-04270538b7a9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b6da046f-a16f-4a93-b3c6-04270538b7a9?source=api-prod","cve":"CVE-2024-2951","affectedVersions":"<=5.3.0.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/bfbc406b-49af-419e-adeb-0510794b7e3f/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.0.5 - Authenticated (Admin+) Insecure Direct Object Reference to Arbitrary User Password Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-05-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"bfbc406b-49af-419e-adeb-0510794b7e3f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bfbc406b-49af-419e-adeb-0510794b7e3f?source=api-prod","cve":"CVE-2023-2548","affectedVersions":"<=5.2.0.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/c2b79193-f8fc-4ea2-8973-fe292cfb926b/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic - Custom Registration Forms <= 3.7.9.2 - PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2017-10-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"c2b79193-f8fc-4ea2-8973-fe292cfb926b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c2b79193-f8fc-4ea2-8973-fe292cfb926b?source=api-prod","cve":"CVE-2017-20208","affectedVersions":"<3.7.9.3","severity":"critical"},{"advisoryId":"WPSECADV/WF/c4679fa7-be6b-4f50-8cdf-ff9822794f19/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – User Registration Plugin with Custom Registration Forms <= 6.0.2.6 - Unauthenticated Privilege Escalation via Password Recovery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"c4679fa7-be6b-4f50-8cdf-ff9822794f19"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c4679fa7-be6b-4f50-8cdf-ff9822794f19?source=api-prod","cve":"CVE-2024-10508","affectedVersions":"<=6.0.2.6","severity":"critical"},{"advisoryId":"WPSECADV/WF/cb269a48-e813-4cda-821a-ee70431372d2/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.2 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"cb269a48-e813-4cda-821a-ee70431372d2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cb269a48-e813-4cda-821a-ee70431372d2?source=api-prod","cve":"CVE-2024-9390","affectedVersions":"<=6.0.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/d3088e5b-9e3c-4021-b99a-26ac90ece82e/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 6.0.6.9 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"d3088e5b-9e3c-4021-b99a-26ac90ece82e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d3088e5b-9e3c-4021-b99a-26ac90ece82e?source=api-prod","cve":"CVE-2026-24374","affectedVersions":"<=6.0.6.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/d46f8e8a-80cb-4407-ac07-f4c93be691b6/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration and User Login Plugin <= 4.6.0.1 - Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-01-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"d46f8e8a-80cb-4407-ac07-f4c93be691b6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d46f8e8a-80cb-4407-ac07-f4c93be691b6?source=api-prod","cve":"CVE-2020-8436","affectedVersions":"<=4.6.0.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/d590e730-ad5f-4046-b897-c3b8aed250b3/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.7.1 - Authentication Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"d590e730-ad5f-4046-b897-c3b8aed250b3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d590e730-ad5f-4046-b897-c3b8aed250b3?source=api-prod","cve":"CVE-2026-24373","affectedVersions":"<=6.0.7.1","severity":"critical"},{"advisoryId":"WPSECADV/WF/d87c4534-3f71-4e7e-bf17-222e77fee24f/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.7.1 - Authenticated (Subscriber+) Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"d87c4534-3f71-4e7e-bf17-222e77fee24f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d87c4534-3f71-4e7e-bf17-222e77fee24f?source=api-prod","cve":"CVE-2025-15520","affectedVersions":"<=6.0.7.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/d8ba4a74-6649-4566-b9d5-19662539158b/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.0.1.5 - SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-01-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"d8ba4a74-6649-4566-b9d5-19662539158b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d8ba4a74-6649-4566-b9d5-19662539158b?source=api-prod","cve":"CVE-2021-24862","affectedVersions":"<=5.0.1.5","severity":"high"},{"advisoryId":"WPSECADV/WF/daf4d246-85f3-48b3-985f-982fea4772f1/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 6.0.7.4 - Missing Authorization to Unauthenticated Arbitrary Settings Modification\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-27 19:10:54","sources":[{"name":"Wordfence","remoteId":"daf4d246-85f3-48b3-985f-982fea4772f1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/daf4d246-85f3-48b3-985f-982fea4772f1?source=api-prod","cve":"CVE-2026-1054","affectedVersions":"<=6.0.7.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/e7939401-822c-4d27-9d8c-c5680165e6a7/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms and User Login <= 4.6.0.3 - Authenticated Settings Import to Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-03-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"e7939401-822c-4d27-9d8c-c5680165e6a7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e7939401-822c-4d27-9d8c-c5680165e6a7?source=api-prod","cve":"CVE-2020-9457","affectedVersions":"<=4.6.0.3","severity":"critical"},{"advisoryId":"WPSECADV/WF/f6515d70-438b-47b7-a3c4-5b8dc401a40e/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.7.6 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"f6515d70-438b-47b7-a3c4-5b8dc401a40e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f6515d70-438b-47b7-a3c4-5b8dc401a40e?source=api-prod","cve":"CVE-2026-32498","affectedVersions":"<=6.0.7.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/fbd978fd-f759-4983-90b0-af7338e21d30/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.0.1.7 - Authentication Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-12-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"fbd978fd-f759-4983-90b0-af7338e21d30"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fbd978fd-f759-4983-90b0-af7338e21d30?source=api-prod","cve":"CVE-2021-4073","affectedVersions":"<=5.0.1.7","severity":"critical"},{"advisoryId":"WPSECADV/WF/fcfb3a6e-7b58-4568-8439-e9c68a2223b9/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.1.9.2 - Cross-Site Request Forgery leading to Form Metadata Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-02-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"fcfb3a6e-7b58-4568-8439-e9c68a2223b9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fcfb3a6e-7b58-4568-8439-e9c68a2223b9?source=api-prod","cve":"CVE-2023-25991","affectedVersions":"<=5.1.9.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/fd78d162-d9aa-4623-9b89-5f1455739836/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.3.3 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-01-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"fd78d162-d9aa-4623-9b89-5f1455739836"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fd78d162-d9aa-4623-9b89-5f1455739836?source=api-prod","cve":"CVE-2025-24686","affectedVersions":"<=6.0.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/fde0ab44-a354-4cbe-8548-0e5c08529082/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.1.9.2 - Missing Authorization to Unauthenticated Content Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"fde0ab44-a354-4cbe-8548-0e5c08529082"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fde0ab44-a354-4cbe-8548-0e5c08529082?source=api-prod","cve":"CVE-2023-23989","affectedVersions":"<=5.1.9.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/feeb70e4-b602-40ce-bdeb-d947c6b6784d/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.1.9.2 - Improper Authorization to Price Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"feeb70e4-b602-40ce-bdeb-d947c6b6784d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/feeb70e4-b602-40ce-bdeb-d947c6b6784d?source=api-prod","cve":"CVE-2023-23976","affectedVersions":"<=5.1.9.2","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/0633bf06-6580-4feb-b98a-c465df3e2bed/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.6.9 - Unauthenticated Payment Bypass via rm_process_paypal_sdk_payment\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-17 21:54:57","sources":[{"name":"Wordfence","remoteId":"0633bf06-6580-4feb-b98a-c465df3e2bed"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0633bf06-6580-4feb-b98a-c465df3e2bed?source=api-prod","cve":"CVE-2025-14444","affectedVersions":"<=6.0.6.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/0d041b14-0d05-4bfe-bd5c-7e06d7b108b8/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.3.0 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"0d041b14-0d05-4bfe-bd5c-7e06d7b108b8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0d041b14-0d05-4bfe-bd5c-7e06d7b108b8?source=api-prod","cve":"CVE-2023-49831","affectedVersions":"<=5.2.3.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/184b9ae4-945a-4602-99da-679ff9db3029/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 6.0.1.0 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"184b9ae4-945a-4602-99da-679ff9db3029"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/184b9ae4-945a-4602-99da-679ff9db3029?source=api-prod","cve":"CVE-2024-43317","affectedVersions":"<=6.0.1.0","severity":"high"},{"advisoryId":"WPSECADV/WF/1c23d163-1053-403f-80bc-ea8f76fff4e2/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms and User Login <= 4.6.0.3 - Cross-Site Request Forgery to Settings Modification\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-03-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"1c23d163-1053-403f-80bc-ea8f76fff4e2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1c23d163-1053-403f-80bc-ea8f76fff4e2?source=api-prod","cve":"CVE-2020-9454","affectedVersions":"<4.6.0.4","severity":"high"},{"advisoryId":"WPSECADV/WF/1dcf68fd-e9d3-4a46-8bd4-15c2598b91fe/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 6.0.8.6 - Authenticated (Subscriber+) Authentication Bypass via Forged PayPal IPN Request\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-26 18:09:49","sources":[{"name":"Wordfence","remoteId":"1dcf68fd-e9d3-4a46-8bd4-15c2598b91fe"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1dcf68fd-e9d3-4a46-8bd4-15c2598b91fe?source=api-prod","cve":"CVE-2026-9242","affectedVersions":"<=6.0.8.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/241dc2e4-b079-407b-b610-c40b23d038cb/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms and User Login <= 4.6.0.3 - Authenticated Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-03-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"241dc2e4-b079-407b-b610-c40b23d038cb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/241dc2e4-b079-407b-b610-c40b23d038cb?source=api-prod","cve":"CVE-2020-9456","affectedVersions":"<4.6.0.4","severity":"critical"},{"advisoryId":"WPSECADV/WF/24986bbe-6584-4d0a-829c-684c60527482/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – User Registration Forms Plugin <= 6.0.8.6 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"24986bbe-6584-4d0a-829c-684c60527482"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/24986bbe-6584-4d0a-829c-684c60527482?source=api-prod","cve":"CVE-2026-49764","affectedVersions":"<=6.0.8.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/24f2eafc-c8eb-4d78-af5e-1a589d7e4d21/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.3.2.0 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"24f2eafc-c8eb-4d78-af5e-1a589d7e4d21"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/24f2eafc-c8eb-4d78-af5e-1a589d7e4d21?source=api-prod","cve":"CVE-2024-33947","affectedVersions":"<=5.3.2.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/26d70dee-c098-40f1-962a-db56791ae221/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.5.9 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"26d70dee-c098-40f1-962a-db56791ae221"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/26d70dee-c098-40f1-962a-db56791ae221?source=api-prod","cve":"CVE-2024-25935","affectedVersions":"<=5.2.5.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/2d010e55-d57a-49f7-a991-76b676b88f1e/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.4.1 - Reflected Cross-Site Scripting via section_id\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-10-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"2d010e55-d57a-49f7-a991-76b676b88f1e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2d010e55-d57a-49f7-a991-76b676b88f1e?source=api-prod","cve":"CVE-2023-51509","affectedVersions":"<5.2.4.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/41985e86-eda4-4914-a7f8-3758afcc6193/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 6.0.0.1 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"41985e86-eda4-4914-a7f8-3758afcc6193"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/41985e86-eda4-4914-a7f8-3758afcc6193?source=api-prod","cve":"CVE-2024-39643","affectedVersions":"<=6.0.0.1","severity":"high"},{"advisoryId":"WPSECADV/WF/4532cb38-453b-460c-879d-6f0e1caacafc/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.6.2 - Authenticated (Administrator+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-07 16:05:36","sources":[{"name":"Wordfence","remoteId":"4532cb38-453b-460c-879d-6f0e1caacafc"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4532cb38-453b-460c-879d-6f0e1caacafc?source=api-prod","cve":"CVE-2025-11204","affectedVersions":"<=6.0.6.2","severity":"high"},{"advisoryId":"WPSECADV/WF/4b37b57c-4a11-4971-b38f-12c70d71b76b/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.5.0 - IP Spoofing\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"4b37b57c-4a11-4971-b38f-12c70d71b76b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4b37b57c-4a11-4971-b38f-12c70d71b76b?source=api-prod","cve":"CVE-2023-51543","affectedVersions":"<=5.2.5.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/4b71b187-2e05-4bea-9177-cbf66fe08a44/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic - Custom Registration Forms, User Registration and User Login Plugin <= 4.6.0.2 - SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-02-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"4b71b187-2e05-4bea-9177-cbf66fe08a44"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4b71b187-2e05-4bea-9177-cbf66fe08a44?source=api-prod","cve":"CVE-2020-8435","affectedVersions":"<4.6.0.3","severity":"high"},{"advisoryId":"WPSECADV/WF/4be512bd-190a-415a-bd20-a49373f63fbb/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 6.0.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'RM_Forms' Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-15 02:16:59","sources":[{"name":"Wordfence","remoteId":"4be512bd-190a-415a-bd20-a49373f63fbb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4be512bd-190a-415a-bd20-a49373f63fbb?source=api-prod","cve":"CVE-2025-13610","affectedVersions":"<=6.0.6.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/52efc168-fed9-45c6-9a2c-1e3a198f71f9/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.0.2.1 - SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-02-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"52efc168-fed9-45c6-9a2c-1e3a198f71f9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/52efc168-fed9-45c6-9a2c-1e3a198f71f9?source=api-prod","cve":"CVE-2022-0420","affectedVersions":"<5.0.2.2","severity":"high"},{"advisoryId":"WPSECADV/WF/547e5814-0201-4dbf-9d2d-8028ca055402/custom-registration-form-builder-with-submission-manager","title":"Registration Magic <= 5.0.1.8 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-12-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"547e5814-0201-4dbf-9d2d-8028ca055402"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/547e5814-0201-4dbf-9d2d-8028ca055402?source=api-prod","cve":"CVE-2021-24648","affectedVersions":"<=5.0.1.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/63099a49-913f-428d-b9a4-85e1bc5afe56/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 6.0.7.6 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-18 00:00:00","sources":[{"name":"Wordfence","remoteId":"63099a49-913f-428d-b9a4-85e1bc5afe56"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/63099a49-913f-428d-b9a4-85e1bc5afe56?source=api-prod","cve":"CVE-2026-32385","affectedVersions":"<=6.0.7.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/6478cdbc-a20e-4fe2-bbd6-8a550e5da895/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.1.0 - Authenticated (Contributor+) SQL Injection via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"6478cdbc-a20e-4fe2-bbd6-8a550e5da895"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6478cdbc-a20e-4fe2-bbd6-8a550e5da895?source=api-prod","cve":"CVE-2024-1990","affectedVersions":"<=5.3.1.0","severity":"high"},{"advisoryId":"WPSECADV/WF/68dd9f6f-ccee-4a27-bd21-2fb32b92cc62/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 6.0.7.1 - Unauthenticated Privilege Escalation via admin_order\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-16 13:22:33","sources":[{"name":"Wordfence","remoteId":"68dd9f6f-ccee-4a27-bd21-2fb32b92cc62"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/68dd9f6f-ccee-4a27-bd21-2fb32b92cc62?source=api-prod","cve":"CVE-2025-15403","affectedVersions":"<=6.0.7.1","severity":"critical"},{"advisoryId":"WPSECADV/WF/6f6883e4-3de6-4ca9-a26c-0b4f3bd5b70f/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic - Custom Registration Forms <= 3.7.9.4 - Reflected Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2017-12-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"6f6883e4-3de6-4ca9-a26c-0b4f3bd5b70f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6f6883e4-3de6-4ca9-a26c-0b4f3bd5b70f?source=api-prod","affectedVersions":"<=3.7.9.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/6fde9239-edac-4f85-be12-80825595a332/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic - Custom Registration Forms <= 3.8.0.4 - SQL Injection\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2017-12-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"6fde9239-edac-4f85-be12-80825595a332"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6fde9239-edac-4f85-be12-80825595a332?source=api-prod","affectedVersions":"<=3.8.0.4","severity":"high"},{"advisoryId":"WPSECADV/WF/766e3966-157a-4db3-9179-813032343f76/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 5.3.0.0 - Authenticated (Subscriber+) Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"766e3966-157a-4db3-9179-813032343f76"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/766e3966-157a-4db3-9179-813032343f76?source=api-prod","cve":"CVE-2024-1991","affectedVersions":"<=5.3.0.0","severity":"high"},{"advisoryId":"WPSECADV/WF/7dcde10d-4eb7-42fe-926e-05e56affc521/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.2.6 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"7dcde10d-4eb7-42fe-926e-05e56affc521"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7dcde10d-4eb7-42fe-926e-05e56affc521?source=api-prod","cve":"CVE-2023-47645","affectedVersions":"<=5.2.2.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/7f7d16d2-ecc0-4352-b7b9-2c3242f43dbf/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms and User Login <= 4.6.0.3 - Authenticated Settings and User Data Export\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-03-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"7f7d16d2-ecc0-4352-b7b9-2c3242f43dbf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7f7d16d2-ecc0-4352-b7b9-2c3242f43dbf?source=api-prod","cve":"CVE-2020-9458","affectedVersions":"<4.6.0.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/86ebb3d1-5fd1-48cb-95b7-f82014323f01/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.5.0 - Form Submission Limit Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"86ebb3d1-5fd1-48cb-95b7-f82014323f01"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/86ebb3d1-5fd1-48cb-95b7-f82014323f01?source=api-prod","cve":"CVE-2023-51544","affectedVersions":"<=5.2.5.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/87ec5542-b6e7-4b18-a3ec-c258e749d32e/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.1.0 - Authentication Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-05-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"87ec5542-b6e7-4b18-a3ec-c258e749d32e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/87ec5542-b6e7-4b18-a3ec-c258e749d32e?source=api-prod","cve":"CVE-2023-2499","affectedVersions":"<=5.2.1.0","severity":"critical"},{"advisoryId":"WPSECADV/WF/91a83f52-069e-4611-9b46-4a1913e23f42/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic < 6.0.7.2 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"91a83f52-069e-4611-9b46-4a1913e23f42"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/91a83f52-069e-4611-9b46-4a1913e23f42?source=api-prod","cve":"CVE-2026-0929","affectedVersions":"<6.0.7.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/9396c350-d72e-472b-8cbc-44edce557256/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.5.9 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"9396c350-d72e-472b-8cbc-44edce557256"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9396c350-d72e-472b-8cbc-44edce557256?source=api-prod","cve":"CVE-2024-29113","affectedVersions":"<=5.2.5.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/9b378df7-b182-4a56-a7fa-3228c06f960f/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic Plugin <= 5.2.4.5 - Authenticated(Administrator+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"9b378df7-b182-4a56-a7fa-3228c06f960f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9b378df7-b182-4a56-a7fa-3228c06f960f?source=api-prod","cve":"CVE-2023-50846","affectedVersions":"<5.2.4.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/9c0c3932-bdb0-4edb-bfec-2ed52cbc5cb6/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.4.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"9c0c3932-bdb0-4edb-bfec-2ed52cbc5cb6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9c0c3932-bdb0-4edb-bfec-2ed52cbc5cb6?source=api-prod","cve":"CVE-2025-2836","affectedVersions":"<=6.0.4.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/a023cdc5-3814-4120-86b2-6a60d385f898/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms and User Login <= 4.6.0.3 - Authenticated Email Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-03-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"a023cdc5-3814-4120-86b2-6a60d385f898"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a023cdc5-3814-4120-86b2-6a60d385f898?source=api-prod","cve":"CVE-2020-9455","affectedVersions":"<=4.6.0.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/b6da046f-a16f-4a93-b3c6-04270538b7a9/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.3.0.0 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"b6da046f-a16f-4a93-b3c6-04270538b7a9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b6da046f-a16f-4a93-b3c6-04270538b7a9?source=api-prod","cve":"CVE-2024-2951","affectedVersions":"<=5.3.0.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/bfbc406b-49af-419e-adeb-0510794b7e3f/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.2.0.5 - Authenticated (Admin+) Insecure Direct Object Reference to Arbitrary User Password Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-05-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"bfbc406b-49af-419e-adeb-0510794b7e3f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bfbc406b-49af-419e-adeb-0510794b7e3f?source=api-prod","cve":"CVE-2023-2548","affectedVersions":"<=5.2.0.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/c2b79193-f8fc-4ea2-8973-fe292cfb926b/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic - Custom Registration Forms <= 3.7.9.2 - PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2017-10-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"c2b79193-f8fc-4ea2-8973-fe292cfb926b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c2b79193-f8fc-4ea2-8973-fe292cfb926b?source=api-prod","cve":"CVE-2017-20208","affectedVersions":"<3.7.9.3","severity":"critical"},{"advisoryId":"WPSECADV/WF/c4679fa7-be6b-4f50-8cdf-ff9822794f19/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – User Registration Plugin with Custom Registration Forms <= 6.0.2.6 - Unauthenticated Privilege Escalation via Password Recovery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"c4679fa7-be6b-4f50-8cdf-ff9822794f19"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c4679fa7-be6b-4f50-8cdf-ff9822794f19?source=api-prod","cve":"CVE-2024-10508","affectedVersions":"<=6.0.2.6","severity":"critical"},{"advisoryId":"WPSECADV/WF/cb269a48-e813-4cda-821a-ee70431372d2/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.2 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"cb269a48-e813-4cda-821a-ee70431372d2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cb269a48-e813-4cda-821a-ee70431372d2?source=api-prod","cve":"CVE-2024-9390","affectedVersions":"<=6.0.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/d3088e5b-9e3c-4021-b99a-26ac90ece82e/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 6.0.6.9 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"d3088e5b-9e3c-4021-b99a-26ac90ece82e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d3088e5b-9e3c-4021-b99a-26ac90ece82e?source=api-prod","cve":"CVE-2026-24374","affectedVersions":"<=6.0.6.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/d46f8e8a-80cb-4407-ac07-f4c93be691b6/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration and User Login Plugin <= 4.6.0.1 - Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-01-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"d46f8e8a-80cb-4407-ac07-f4c93be691b6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d46f8e8a-80cb-4407-ac07-f4c93be691b6?source=api-prod","cve":"CVE-2020-8436","affectedVersions":"<=4.6.0.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/d590e730-ad5f-4046-b897-c3b8aed250b3/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.7.1 - Authentication Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"d590e730-ad5f-4046-b897-c3b8aed250b3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d590e730-ad5f-4046-b897-c3b8aed250b3?source=api-prod","cve":"CVE-2026-24373","affectedVersions":"<=6.0.7.1","severity":"critical"},{"advisoryId":"WPSECADV/WF/d87c4534-3f71-4e7e-bf17-222e77fee24f/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.7.1 - Authenticated (Subscriber+) Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"d87c4534-3f71-4e7e-bf17-222e77fee24f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d87c4534-3f71-4e7e-bf17-222e77fee24f?source=api-prod","cve":"CVE-2025-15520","affectedVersions":"<=6.0.7.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/d8ba4a74-6649-4566-b9d5-19662539158b/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.0.1.5 - SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-01-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"d8ba4a74-6649-4566-b9d5-19662539158b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d8ba4a74-6649-4566-b9d5-19662539158b?source=api-prod","cve":"CVE-2021-24862","affectedVersions":"<=5.0.1.5","severity":"high"},{"advisoryId":"WPSECADV/WF/daf4d246-85f3-48b3-985f-982fea4772f1/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 6.0.7.4 - Missing Authorization to Unauthenticated Arbitrary Settings Modification\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-27 19:10:54","sources":[{"name":"Wordfence","remoteId":"daf4d246-85f3-48b3-985f-982fea4772f1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/daf4d246-85f3-48b3-985f-982fea4772f1?source=api-prod","cve":"CVE-2026-1054","affectedVersions":"<=6.0.7.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/e7939401-822c-4d27-9d8c-c5680165e6a7/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms and User Login <= 4.6.0.3 - Authenticated Settings Import to Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-03-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"e7939401-822c-4d27-9d8c-c5680165e6a7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e7939401-822c-4d27-9d8c-c5680165e6a7?source=api-prod","cve":"CVE-2020-9457","affectedVersions":"<=4.6.0.3","severity":"critical"},{"advisoryId":"WPSECADV/WF/f6515d70-438b-47b7-a3c4-5b8dc401a40e/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.7.6 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"f6515d70-438b-47b7-a3c4-5b8dc401a40e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f6515d70-438b-47b7-a3c4-5b8dc401a40e?source=api-prod","cve":"CVE-2026-32498","affectedVersions":"<=6.0.7.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/fbd978fd-f759-4983-90b0-af7338e21d30/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.0.1.7 - Authentication Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-12-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"fbd978fd-f759-4983-90b0-af7338e21d30"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fbd978fd-f759-4983-90b0-af7338e21d30?source=api-prod","cve":"CVE-2021-4073","affectedVersions":"<=5.0.1.7","severity":"critical"},{"advisoryId":"WPSECADV/WF/fcfb3a6e-7b58-4568-8439-e9c68a2223b9/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.1.9.2 - Cross-Site Request Forgery leading to Form Metadata Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-02-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"fcfb3a6e-7b58-4568-8439-e9c68a2223b9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fcfb3a6e-7b58-4568-8439-e9c68a2223b9?source=api-prod","cve":"CVE-2023-25991","affectedVersions":"<=5.1.9.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/fd78d162-d9aa-4623-9b89-5f1455739836/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.3.3 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-01-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"fd78d162-d9aa-4623-9b89-5f1455739836"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fd78d162-d9aa-4623-9b89-5f1455739836?source=api-prod","cve":"CVE-2025-24686","affectedVersions":"<=6.0.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/fde0ab44-a354-4cbe-8548-0e5c08529082/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.1.9.2 - Missing Authorization to Unauthenticated Content Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"fde0ab44-a354-4cbe-8548-0e5c08529082"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fde0ab44-a354-4cbe-8548-0e5c08529082?source=api-prod","cve":"CVE-2023-23989","affectedVersions":"<=5.1.9.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/feeb70e4-b602-40ce-bdeb-d947c6b6784d/custom-registration-form-builder-with-submission-manager","title":"RegistrationMagic <= 5.1.9.2 - Improper Authorization to Price Change\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-01-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"feeb70e4-b602-40ce-bdeb-d947c6b6784d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/feeb70e4-b602-40ce-bdeb-d947c6b6784d?source=api-prod","cve":"CVE-2023-23976","affectedVersions":"<=5.1.9.2","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_646f6b616e2d6c697465811c9dc5_gen.json b/internal/data/assets/plugin_646f6b616e2d6c697465811c9dc5_gen.json index 07b5843d..580ba656 100644 --- a/internal/data/assets/plugin_646f6b616e2d6c697465811c9dc5_gen.json +++ b/internal/data/assets/plugin_646f6b616e2d6c697465811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/02b0d7d7-8a10-48de-b1e1-7e1f1fda6ffe/dokan-lite","title":"Dokan: AI Powered WooCommerce Multivendor Marketplace Solution <= 4.3.1 - Unauthenticated Information Disclosure in Store Reviews REST API Endpoint\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"02b0d7d7-8a10-48de-b1e1-7e1f1fda6ffe"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/02b0d7d7-8a10-48de-b1e1-7e1f1fda6ffe?source=api-prod","cve":"CVE-2026-3504","affectedVersions":"<=4.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/1597859c-2808-4e0f-aa8d-4e2727728e22/dokan-lite","title":"Dokan <=3.7.19 - Authenticated(Shop Manager+) PHP Object Injection via create_dummy_vendor\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-06-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"1597859c-2808-4e0f-aa8d-4e2727728e22"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1597859c-2808-4e0f-aa8d-4e2727728e22?source=api-prod","cve":"CVE-2023-34382","affectedVersions":"<3.7.20","severity":"medium"},{"advisoryId":"WPSECADV/WF/18e8f72b-daa0-4a9f-a67b-d9be9a0862d2/dokan-lite","title":"Dokan <= 3.6.5 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-09-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"18e8f72b-daa0-4a9f-a67b-d9be9a0862d2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/18e8f72b-daa0-4a9f-a67b-d9be9a0862d2?source=api-prod","cve":"CVE-2022-3194","affectedVersions":"<=3.6.5","severity":"high"},{"advisoryId":"WPSECADV/WF/2da02a0e-4bc5-4dc6-b46e-7e74e0eb36dd/dokan-lite","title":"Dokan <= 3.6.3 - Authenticated (Vendor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-09-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"2da02a0e-4bc5-4dc6-b46e-7e74e0eb36dd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2da02a0e-4bc5-4dc6-b46e-7e74e0eb36dd?source=api-prod","cve":"CVE-2022-3194","affectedVersions":"<=3.6.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/4ab9d7e9-9a81-48f8-bc37-ad6de43a566f/dokan-lite","title":"Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy <= 4.2.4 - Insecure Direct Object Reference to PayPal Account Takeover and Sensitive Information Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-19 15:32:29","sources":[{"name":"Wordfence","remoteId":"4ab9d7e9-9a81-48f8-bc37-ad6de43a566f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4ab9d7e9-9a81-48f8-bc37-ad6de43a566f?source=api-prod","cve":"CVE-2025-14977","affectedVersions":"<=4.2.4","severity":"high"},{"advisoryId":"WPSECADV/WF/84fb53bb-cced-4585-bb0d-c09d89293300/dokan-lite","title":"Dokan <= 4.1.3 - Authenticated (Shop Manager+) Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"84fb53bb-cced-4585-bb0d-c09d89293300"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/84fb53bb-cced-4585-bb0d-c09d89293300?source=api-prod","cve":"CVE-2025-53425","affectedVersions":"<=4.1.3","severity":"high"},{"advisoryId":"WPSECADV/WF/894c875a-078f-4c1f-83d2-4a6e4a309c3e/dokan-lite","title":"Dokan <= 3.0.8 - Cross-Site Request Forgery Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-09-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"894c875a-078f-4c1f-83d2-4a6e4a309c3e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/894c875a-078f-4c1f-83d2-4a6e4a309c3e?source=api-prod","cve":"CVE-2020-36748","affectedVersions":"<3.0.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/998e545c-2ad5-48ec-bad1-d346170af408/dokan-lite","title":"Dokan: AI Powered WooCommerce Multivendor Marketplace Solution <= 5.0.3 - Insecure Direct Object Reference to Authenticated (Custom+) Arbitrary Order Modification via Multiple AJAX Handlers\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-17 14:54:38","sources":[{"name":"Wordfence","remoteId":"998e545c-2ad5-48ec-bad1-d346170af408"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/998e545c-2ad5-48ec-bad1-d346170af408?source=api-prod","cve":"CVE-2026-10023","affectedVersions":"<=5.0.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/9e4d84ad-ab02-45b1-aecb-dc2c08c097fe/dokan-lite","title":"Dokan <= 3.7.5 - Unauthenticated SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"9e4d84ad-ab02-45b1-aecb-dc2c08c097fe"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9e4d84ad-ab02-45b1-aecb-dc2c08c097fe?source=api-prod","cve":"CVE-2022-3915","affectedVersions":"<=3.7.5","severity":"critical"},{"advisoryId":"WPSECADV/WF/b142859d-780f-47f8-aaed-000bdd0aaaa7/dokan-lite","title":"Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy <= 5.0.2 - Authenticated (Customer+) Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"b142859d-780f-47f8-aaed-000bdd0aaaa7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b142859d-780f-47f8-aaed-000bdd0aaaa7?source=api-prod","cve":"CVE-2026-49780","affectedVersions":"<=5.0.2","severity":"high"},{"advisoryId":"WPSECADV/WF/b4967c95-8eb6-4c9b-ae6e-082dbc6af7f5/dokan-lite","title":"Dokan <= 3.7.12 - Authenticated (Vendor+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-03-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"b4967c95-8eb6-4c9b-ae6e-082dbc6af7f5"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b4967c95-8eb6-4c9b-ae6e-082dbc6af7f5?source=api-prod","cve":"CVE-2023-26525","affectedVersions":"<=3.7.12","severity":"high"},{"advisoryId":"WPSECADV/WF/b56abce9-82f8-4d73-bf97-cb1e2b65515b/dokan-lite","title":"Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy <= 4.2.4 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"b56abce9-82f8-4d73-bf97-cb1e2b65515b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b56abce9-82f8-4d73-bf97-cb1e2b65515b?source=api-prod","cve":"CVE-2026-24359","affectedVersions":"<=4.2.4","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/02b0d7d7-8a10-48de-b1e1-7e1f1fda6ffe/dokan-lite","title":"Dokan: AI Powered WooCommerce Multivendor Marketplace Solution <= 4.3.1 - Unauthenticated Information Disclosure in Store Reviews REST API Endpoint\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"02b0d7d7-8a10-48de-b1e1-7e1f1fda6ffe"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/02b0d7d7-8a10-48de-b1e1-7e1f1fda6ffe?source=api-prod","cve":"CVE-2026-3504","affectedVersions":"<=4.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/1359945a-cf4e-4883-830b-53a3fcd40e56/dokan-lite","title":"Dokan: AI Powered WooCommerce Multivendor Marketplace Solution <= 5.0.4 - Authenticated (Subscriber+) Insecure Direct Object Reference to Information Disclosure via 'id' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-26 17:54:35","sources":[{"name":"Wordfence","remoteId":"1359945a-cf4e-4883-830b-53a3fcd40e56"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1359945a-cf4e-4883-830b-53a3fcd40e56?source=api-prod","cve":"CVE-2026-11987","affectedVersions":"<=5.0.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/1597859c-2808-4e0f-aa8d-4e2727728e22/dokan-lite","title":"Dokan <=3.7.19 - Authenticated(Shop Manager+) PHP Object Injection via create_dummy_vendor\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-06-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"1597859c-2808-4e0f-aa8d-4e2727728e22"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1597859c-2808-4e0f-aa8d-4e2727728e22?source=api-prod","cve":"CVE-2023-34382","affectedVersions":"<3.7.20","severity":"medium"},{"advisoryId":"WPSECADV/WF/18e8f72b-daa0-4a9f-a67b-d9be9a0862d2/dokan-lite","title":"Dokan <= 3.6.5 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-09-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"18e8f72b-daa0-4a9f-a67b-d9be9a0862d2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/18e8f72b-daa0-4a9f-a67b-d9be9a0862d2?source=api-prod","cve":"CVE-2022-3194","affectedVersions":"<=3.6.5","severity":"high"},{"advisoryId":"WPSECADV/WF/21065544-8a48-485b-88af-2e638b400de4/dokan-lite","title":"Dokan: AI Powered WooCommerce Multivendor Marketplace Solution <= 5.0.4 - Authenticated (Custom+) Stored Cross-Site Scripting via Product SKU\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-26 17:53:42","sources":[{"name":"Wordfence","remoteId":"21065544-8a48-485b-88af-2e638b400de4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/21065544-8a48-485b-88af-2e638b400de4?source=api-prod","cve":"CVE-2026-11783","affectedVersions":"<=5.0.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/2da02a0e-4bc5-4dc6-b46e-7e74e0eb36dd/dokan-lite","title":"Dokan <= 3.6.3 - Authenticated (Vendor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-09-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"2da02a0e-4bc5-4dc6-b46e-7e74e0eb36dd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2da02a0e-4bc5-4dc6-b46e-7e74e0eb36dd?source=api-prod","cve":"CVE-2022-3194","affectedVersions":"<=3.6.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/4ab9d7e9-9a81-48f8-bc37-ad6de43a566f/dokan-lite","title":"Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy <= 4.2.4 - Insecure Direct Object Reference to PayPal Account Takeover and Sensitive Information Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-19 15:32:29","sources":[{"name":"Wordfence","remoteId":"4ab9d7e9-9a81-48f8-bc37-ad6de43a566f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4ab9d7e9-9a81-48f8-bc37-ad6de43a566f?source=api-prod","cve":"CVE-2025-14977","affectedVersions":"<=4.2.4","severity":"high"},{"advisoryId":"WPSECADV/WF/84fb53bb-cced-4585-bb0d-c09d89293300/dokan-lite","title":"Dokan <= 4.1.3 - Authenticated (Shop Manager+) Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"84fb53bb-cced-4585-bb0d-c09d89293300"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/84fb53bb-cced-4585-bb0d-c09d89293300?source=api-prod","cve":"CVE-2025-53425","affectedVersions":"<=4.1.3","severity":"high"},{"advisoryId":"WPSECADV/WF/894c875a-078f-4c1f-83d2-4a6e4a309c3e/dokan-lite","title":"Dokan <= 3.0.8 - Cross-Site Request Forgery Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-09-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"894c875a-078f-4c1f-83d2-4a6e4a309c3e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/894c875a-078f-4c1f-83d2-4a6e4a309c3e?source=api-prod","cve":"CVE-2020-36748","affectedVersions":"<3.0.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/998e545c-2ad5-48ec-bad1-d346170af408/dokan-lite","title":"Dokan: AI Powered WooCommerce Multivendor Marketplace Solution <= 5.0.3 - Insecure Direct Object Reference to Authenticated (Custom+) Arbitrary Order Modification via Multiple AJAX Handlers\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-17 14:54:38","sources":[{"name":"Wordfence","remoteId":"998e545c-2ad5-48ec-bad1-d346170af408"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/998e545c-2ad5-48ec-bad1-d346170af408?source=api-prod","cve":"CVE-2026-10023","affectedVersions":"<=5.0.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/9e4d84ad-ab02-45b1-aecb-dc2c08c097fe/dokan-lite","title":"Dokan <= 3.7.5 - Unauthenticated SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"9e4d84ad-ab02-45b1-aecb-dc2c08c097fe"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9e4d84ad-ab02-45b1-aecb-dc2c08c097fe?source=api-prod","cve":"CVE-2022-3915","affectedVersions":"<=3.7.5","severity":"critical"},{"advisoryId":"WPSECADV/WF/b142859d-780f-47f8-aaed-000bdd0aaaa7/dokan-lite","title":"Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy <= 5.0.2 - Authenticated (Customer+) Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"b142859d-780f-47f8-aaed-000bdd0aaaa7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b142859d-780f-47f8-aaed-000bdd0aaaa7?source=api-prod","cve":"CVE-2026-49780","affectedVersions":"<=5.0.2","severity":"high"},{"advisoryId":"WPSECADV/WF/b4967c95-8eb6-4c9b-ae6e-082dbc6af7f5/dokan-lite","title":"Dokan <= 3.7.12 - Authenticated (Vendor+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-03-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"b4967c95-8eb6-4c9b-ae6e-082dbc6af7f5"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b4967c95-8eb6-4c9b-ae6e-082dbc6af7f5?source=api-prod","cve":"CVE-2023-26525","affectedVersions":"<=3.7.12","severity":"high"},{"advisoryId":"WPSECADV/WF/b56abce9-82f8-4d73-bf97-cb1e2b65515b/dokan-lite","title":"Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy <= 4.2.4 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"b56abce9-82f8-4d73-bf97-cb1e2b65515b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b56abce9-82f8-4d73-bf97-cb1e2b65515b?source=api-prod","cve":"CVE-2026-24359","affectedVersions":"<=4.2.4","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_677574656e7665727365811c9dc5_gen.json b/internal/data/assets/plugin_677574656e7665727365811c9dc5_gen.json index 3467af34..e3ed3dac 100644 --- a/internal/data/assets/plugin_677574656e7665727365811c9dc5_gen.json +++ b/internal/data/assets/plugin_677574656e7665727365811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/23518a21-7b76-4edb-9a35-b6f623ed50a7/gutenverse","title":"Gutenverse <= 3.4.6 - Reflected Cross-Site Scripting via 's' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"23518a21-7b76-4edb-9a35-b6f623ed50a7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/23518a21-7b76-4edb-9a35-b6f623ed50a7?source=api-prod","cve":"CVE-2026-3001","affectedVersions":"<=3.4.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/3a152cbd-1452-483c-8780-afa8054c3686/gutenverse","title":"Gutenverse <= 1.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-07-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"3a152cbd-1452-483c-8780-afa8054c3686"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3a152cbd-1452-483c-8780-afa8054c3686?source=api-prod","cve":"CVE-2024-38785","affectedVersions":"<=1.9.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/4c4e1d2c-bb20-40b7-90a3-96df68d083b8/gutenverse","title":"Gutenverse <= 1.8.5 - Missing Authorization via 'data/update' API Endpoint\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-06-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"4c4e1d2c-bb20-40b7-90a3-96df68d083b8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4c4e1d2c-bb20-40b7-90a3-96df68d083b8?source=api-prod","cve":"CVE-2023-35875","affectedVersions":"<=1.8.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/690e7f00-d9db-4912-9438-7fcbcb026800/gutenverse","title":"Gutenverse <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via countdown Block\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-28 17:26:18","sources":[{"name":"Wordfence","remoteId":"690e7f00-d9db-4912-9438-7fcbcb026800"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/690e7f00-d9db-4912-9438-7fcbcb026800?source=api-prod","cve":"CVE-2025-2893","affectedVersions":"<=2.2.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/76cfe806-a8d9-4249-b2d0-eb3a314ca69a/gutenverse","title":"Gutenverse <= 3.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text and Fun Fact Blocks\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-08-05 17:41:10","sources":[{"name":"Wordfence","remoteId":"76cfe806-a8d9-4249-b2d0-eb3a314ca69a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/76cfe806-a8d9-4249-b2d0-eb3a314ca69a?source=api-prod","cve":"CVE-2025-7727","affectedVersions":"<=3.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/8056af63-e81f-4321-991e-d201ad1095c4/gutenverse","title":"Gutenverse <= 1.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"8056af63-e81f-4321-991e-d201ad1095c4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8056af63-e81f-4321-991e-d201ad1095c4?source=api-prod","cve":"CVE-2024-3692","affectedVersions":"<=1.9.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/89100b33-0e27-4a04-9407-8505524e7e45/gutenverse","title":"Gutenverse <= 3.2.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"89100b33-0e27-4a04-9407-8505524e7e45"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/89100b33-0e27-4a04-9407-8505524e7e45?source=api-prod","cve":"CVE-2025-66065","affectedVersions":"<=3.2.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/950f7493-4ccb-4a8a-9cc2-23b9ba3a9cd0/gutenverse","title":"Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem <= 3.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'imageLoad'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-03 13:45:17","sources":[{"name":"Wordfence","remoteId":"950f7493-4ccb-4a8a-9cc2-23b9ba3a9cd0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/950f7493-4ccb-4a8a-9cc2-23b9ba3a9cd0?source=api-prod","cve":"CVE-2026-2924","affectedVersions":"<=3.4.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/ac909a4b-d949-42eb-871a-963bc6242c12/gutenverse","title":"Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem <= 3.5.3 - Authenticated (Contributor+) Server-Side Request Forgery via 'imageUrl'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-04 14:51:49","sources":[{"name":"Wordfence","remoteId":"ac909a4b-d949-42eb-871a-963bc6242c12"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ac909a4b-d949-42eb-871a-963bc6242c12?source=api-prod","cve":"CVE-2026-2948","affectedVersions":"<=3.5.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/cc540e5c-180f-4743-b1fb-608aa0e3ae79/gutenverse","title":"Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem <= 3.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'separatorIconSVG'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-04 14:22:31","sources":[{"name":"Wordfence","remoteId":"cc540e5c-180f-4743-b1fb-608aa0e3ae79"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cc540e5c-180f-4743-b1fb-608aa0e3ae79?source=api-prod","cve":"CVE-2026-2868","affectedVersions":"<=3.5.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/d8f40034-c868-4337-bf0a-385a961f9c35/gutenverse","title":"Gutenverse <= 1.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"d8f40034-c868-4337-bf0a-385a961f9c35"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d8f40034-c868-4337-bf0a-385a961f9c35?source=api-prod","cve":"CVE-2024-43920","affectedVersions":"<=1.9.4","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/23518a21-7b76-4edb-9a35-b6f623ed50a7/gutenverse","title":"Gutenverse <= 3.4.6 - Reflected Cross-Site Scripting via 's' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"23518a21-7b76-4edb-9a35-b6f623ed50a7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/23518a21-7b76-4edb-9a35-b6f623ed50a7?source=api-prod","cve":"CVE-2026-3001","affectedVersions":"<=3.4.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/3a152cbd-1452-483c-8780-afa8054c3686/gutenverse","title":"Gutenverse <= 1.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-07-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"3a152cbd-1452-483c-8780-afa8054c3686"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3a152cbd-1452-483c-8780-afa8054c3686?source=api-prod","cve":"CVE-2024-38785","affectedVersions":"<=1.9.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/4c4e1d2c-bb20-40b7-90a3-96df68d083b8/gutenverse","title":"Gutenverse <= 1.8.5 - Missing Authorization via 'data/update' API Endpoint\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-06-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"4c4e1d2c-bb20-40b7-90a3-96df68d083b8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4c4e1d2c-bb20-40b7-90a3-96df68d083b8?source=api-prod","cve":"CVE-2023-35875","affectedVersions":"<=1.8.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/690e7f00-d9db-4912-9438-7fcbcb026800/gutenverse","title":"Gutenverse <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via countdown Block\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-28 17:26:18","sources":[{"name":"Wordfence","remoteId":"690e7f00-d9db-4912-9438-7fcbcb026800"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/690e7f00-d9db-4912-9438-7fcbcb026800?source=api-prod","cve":"CVE-2025-2893","affectedVersions":"<=2.2.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/76cfe806-a8d9-4249-b2d0-eb3a314ca69a/gutenverse","title":"Gutenverse <= 3.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text and Fun Fact Blocks\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-08-05 17:41:10","sources":[{"name":"Wordfence","remoteId":"76cfe806-a8d9-4249-b2d0-eb3a314ca69a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/76cfe806-a8d9-4249-b2d0-eb3a314ca69a?source=api-prod","cve":"CVE-2025-7727","affectedVersions":"<=3.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/8056af63-e81f-4321-991e-d201ad1095c4/gutenverse","title":"Gutenverse <= 1.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"8056af63-e81f-4321-991e-d201ad1095c4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8056af63-e81f-4321-991e-d201ad1095c4?source=api-prod","cve":"CVE-2024-3692","affectedVersions":"<=1.9.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/89100b33-0e27-4a04-9407-8505524e7e45/gutenverse","title":"Gutenverse <= 3.2.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"89100b33-0e27-4a04-9407-8505524e7e45"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/89100b33-0e27-4a04-9407-8505524e7e45?source=api-prod","cve":"CVE-2025-66065","affectedVersions":"<=3.2.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/950f7493-4ccb-4a8a-9cc2-23b9ba3a9cd0/gutenverse","title":"Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem <= 3.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'imageLoad'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-03 13:45:17","sources":[{"name":"Wordfence","remoteId":"950f7493-4ccb-4a8a-9cc2-23b9ba3a9cd0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/950f7493-4ccb-4a8a-9cc2-23b9ba3a9cd0?source=api-prod","cve":"CVE-2026-2924","affectedVersions":"<=3.4.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/ac909a4b-d949-42eb-871a-963bc6242c12/gutenverse","title":"Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem <= 3.5.3 - Authenticated (Contributor+) Server-Side Request Forgery via 'imageUrl'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-04 14:51:49","sources":[{"name":"Wordfence","remoteId":"ac909a4b-d949-42eb-871a-963bc6242c12"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ac909a4b-d949-42eb-871a-963bc6242c12?source=api-prod","cve":"CVE-2026-2948","affectedVersions":"<=3.5.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/cc540e5c-180f-4743-b1fb-608aa0e3ae79/gutenverse","title":"Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem <= 3.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'separatorIconSVG'\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-04 14:22:31","sources":[{"name":"Wordfence","remoteId":"cc540e5c-180f-4743-b1fb-608aa0e3ae79"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cc540e5c-180f-4743-b1fb-608aa0e3ae79?source=api-prod","cve":"CVE-2026-2868","affectedVersions":"<=3.5.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/d8f40034-c868-4337-bf0a-385a961f9c35/gutenverse","title":"Gutenverse <= 1.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"d8f40034-c868-4337-bf0a-385a961f9c35"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d8f40034-c868-4337-bf0a-385a961f9c35?source=api-prod","cve":"CVE-2024-43920","affectedVersions":"<=1.9.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/fd1c679b-43e0-4e3a-ae2d-f6ff8a657512/gutenverse","title":"Gutenverse <= 3.8.0 - Authenticated (Editor+) Stored Cross-Site Scripting via 'fonts[].font.font.value' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-26 17:52:15","sources":[{"name":"Wordfence","remoteId":"fd1c679b-43e0-4e3a-ae2d-f6ff8a657512"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fd1c679b-43e0-4e3a-ae2d-f6ff8a657512?source=api-prod","cve":"CVE-2026-12399","affectedVersions":"<=3.8.0","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_6c6561726e696e672d6d616e6167656d656e742d73797374656d811c9dc5_gen.json b/internal/data/assets/plugin_6c6561726e696e672d6d616e6167656d656e742d73797374656d811c9dc5_gen.json index 582346f5..ebd08895 100644 --- a/internal/data/assets/plugin_6c6561726e696e672d6d616e6167656d656e742d73797374656d811c9dc5_gen.json +++ b/internal/data/assets/plugin_6c6561726e696e672d6d616e6167656d656e742d73797374656d811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/0173e2a3-452d-490b-8ed7-a049a476d137/learning-management-system","title":"Masteriyo - LMS <= 1.7.3 - Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"0173e2a3-452d-490b-8ed7-a049a476d137"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0173e2a3-452d-490b-8ed7-a049a476d137?source=api-prod","cve":"CVE-2024-33939","affectedVersions":"<=1.7.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/075f328b-e854-4312-98d1-634acd6b1c22/learning-management-system","title":"Masteriyo - LMS <= 1.18.3 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"075f328b-e854-4312-98d1-634acd6b1c22"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/075f328b-e854-4312-98d1-634acd6b1c22?source=api-prod","cve":"CVE-2025-54699","affectedVersions":"<=1.18.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/0c54166e-2af2-409d-8c67-9c07f2028543/learning-management-system","title":"Masteriyo LMS – eLearning and Online Course Builder for WordPress <= 1.13.3 - Authenticated (Student+) Missing Authorization to Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-28 16:31:51","sources":[{"name":"Wordfence","remoteId":"0c54166e-2af2-409d-8c67-9c07f2028543"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0c54166e-2af2-409d-8c67-9c07f2028543?source=api-prod","cve":"CVE-2024-10008","affectedVersions":"<=1.13.3","severity":"high"},{"advisoryId":"WPSECADV/WF/1e18c00b-fd26-4ac3-adf8-fd52d139e33f/learning-management-system","title":"Masteriyo LMS – LMS Course Builder, Quizzes & Certificates <= 2.2.0 - Authenticated (Subscriber+) Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"1e18c00b-fd26-4ac3-adf8-fd52d139e33f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1e18c00b-fd26-4ac3-adf8-fd52d139e33f?source=api-prod","cve":"CVE-2026-49111","affectedVersions":"<=2.2.0","severity":"high"},{"advisoryId":"WPSECADV/WF/265be0af-66a4-4636-ab81-f8e2c5a1282e/learning-management-system","title":"Masteriyo LMS <= 2.1.6 - Missing Authorization to Authenticated (Student+) Privilege Escalation to Administrator\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-25 12:44:04","sources":[{"name":"Wordfence","remoteId":"265be0af-66a4-4636-ab81-f8e2c5a1282e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/265be0af-66a4-4636-ab81-f8e2c5a1282e?source=api-prod","cve":"CVE-2026-4484","affectedVersions":"<=2.1.6","severity":"high"},{"advisoryId":"WPSECADV/WF/2d0a9410-533a-4d5a-859c-fc9ad839f47a/learning-management-system","title":"Masteriyo - LMS <= 2.0.3 - Authenticated (Subscriber+) Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"2d0a9410-533a-4d5a-859c-fc9ad839f47a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2d0a9410-533a-4d5a-859c-fc9ad839f47a?source=api-prod","cve":"CVE-2025-64270","affectedVersions":"<=2.0.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/4f76d908-91e7-4933-afab-9a7bfe18e088/learning-management-system","title":"Masteriyo LMS – LMS Course Builder, Quizzes & Certificates <= 2.1.8 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"4f76d908-91e7-4933-afab-9a7bfe18e088"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4f76d908-91e7-4933-afab-9a7bfe18e088?source=api-prod","cve":"CVE-2026-42743","affectedVersions":"<=2.1.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/575f103e-cfc7-4efd-a592-658a3e919671/learning-management-system","title":"Masteriyo LMS – eLearning and Online Course Builder for WordPress <= 1.13.3 - Authenticated (Student+) Stored Cross-Site Scripting via Ask a Question Functionality\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-28 16:31:52","sources":[{"name":"Wordfence","remoteId":"575f103e-cfc7-4efd-a592-658a3e919671"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/575f103e-cfc7-4efd-a592-658a3e919671?source=api-prod","cve":"CVE-2024-10000","affectedVersions":"<=1.13.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/5e8933b8-1e09-4cd7-8206-711cc0716dba/learning-management-system","title":"Masteriyo - LMS for WordPress <= 1.6.7 - Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"5e8933b8-1e09-4cd7-8206-711cc0716dba"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5e8933b8-1e09-4cd7-8206-711cc0716dba?source=api-prod","cve":"CVE-2023-3345","affectedVersions":"<1.6.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/73b4e081-caa8-4055-91e2-11979df20159/learning-management-system","title":"Masteriyo LMS – Online Course Builder for eLearning, LMS & Education <= 2.1.5 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"73b4e081-caa8-4055-91e2-11979df20159"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/73b4e081-caa8-4055-91e2-11979df20159?source=api-prod","cve":"CVE-2026-39524","affectedVersions":"<=2.1.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/8cf1276b-401d-4166-940e-e5d60f85e762/learning-management-system","title":"Masteriyo - LMS <= 1.7.2 - Unauthenticated Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"8cf1276b-401d-4166-940e-e5d60f85e762"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8cf1276b-401d-4166-940e-e5d60f85e762?source=api-prod","cve":"CVE-2024-24882","affectedVersions":"<=1.7.2","severity":"critical"},{"advisoryId":"WPSECADV/WF/90f62ee2-f2a8-49e6-ba7a-8c408c66c456/learning-management-system","title":"Masteriyo - LMS <= 1.11.4 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"90f62ee2-f2a8-49e6-ba7a-8c408c66c456"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/90f62ee2-f2a8-49e6-ba7a-8c408c66c456?source=api-prod","cve":"CVE-2024-43158","affectedVersions":"<=1.11.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/b6d51dc3-b695-4e9d-b25a-d1b302be1fec/learning-management-system","title":"Masteriyo LMS <= 2.1.7 - Unauthenticated Authorization Bypass to Arbitrary Order Completion via Stripe Webhook Endpoint\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-07 17:55:41","sources":[{"name":"Wordfence","remoteId":"b6d51dc3-b695-4e9d-b25a-d1b302be1fec"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b6d51dc3-b695-4e9d-b25a-d1b302be1fec?source=api-prod","cve":"CVE-2026-5167","affectedVersions":"<=2.1.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/c3d7a587-042d-4ba1-9373-aaeb24c711f5/learning-management-system","title":"Masteriyo - LMS <= 1.11.4 - Authenticated (Student+) Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"c3d7a587-042d-4ba1-9373-aaeb24c711f5"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c3d7a587-042d-4ba1-9373-aaeb24c711f5?source=api-prod","cve":"CVE-2024-43239","affectedVersions":"<=1.11.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/e48142c2-3688-4638-abfc-1e191f362055/learning-management-system","title":"Masteriyo - LMS <= 1.11.6 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"e48142c2-3688-4638-abfc-1e191f362055"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e48142c2-3688-4638-abfc-1e191f362055?source=api-prod","cve":"CVE-2024-43159","affectedVersions":"<=1.11.6","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/0173e2a3-452d-490b-8ed7-a049a476d137/learning-management-system","title":"Masteriyo - LMS <= 1.7.3 - Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"0173e2a3-452d-490b-8ed7-a049a476d137"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0173e2a3-452d-490b-8ed7-a049a476d137?source=api-prod","cve":"CVE-2024-33939","affectedVersions":"<=1.7.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/075f328b-e854-4312-98d1-634acd6b1c22/learning-management-system","title":"Masteriyo - LMS <= 1.18.3 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"075f328b-e854-4312-98d1-634acd6b1c22"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/075f328b-e854-4312-98d1-634acd6b1c22?source=api-prod","cve":"CVE-2025-54699","affectedVersions":"<=1.18.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/0c54166e-2af2-409d-8c67-9c07f2028543/learning-management-system","title":"Masteriyo LMS – eLearning and Online Course Builder for WordPress <= 1.13.3 - Authenticated (Student+) Missing Authorization to Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-28 16:31:51","sources":[{"name":"Wordfence","remoteId":"0c54166e-2af2-409d-8c67-9c07f2028543"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0c54166e-2af2-409d-8c67-9c07f2028543?source=api-prod","cve":"CVE-2024-10008","affectedVersions":"<=1.13.3","severity":"high"},{"advisoryId":"WPSECADV/WF/1e18c00b-fd26-4ac3-adf8-fd52d139e33f/learning-management-system","title":"Masteriyo LMS – LMS Course Builder, Quizzes & Certificates <= 2.2.0 - Authenticated (Subscriber+) Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"1e18c00b-fd26-4ac3-adf8-fd52d139e33f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1e18c00b-fd26-4ac3-adf8-fd52d139e33f?source=api-prod","cve":"CVE-2026-49111","affectedVersions":"<=2.2.0","severity":"high"},{"advisoryId":"WPSECADV/WF/265be0af-66a4-4636-ab81-f8e2c5a1282e/learning-management-system","title":"Masteriyo LMS <= 2.1.6 - Missing Authorization to Authenticated (Student+) Privilege Escalation to Administrator\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-25 12:44:04","sources":[{"name":"Wordfence","remoteId":"265be0af-66a4-4636-ab81-f8e2c5a1282e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/265be0af-66a4-4636-ab81-f8e2c5a1282e?source=api-prod","cve":"CVE-2026-4484","affectedVersions":"<=2.1.6","severity":"high"},{"advisoryId":"WPSECADV/WF/2d0a9410-533a-4d5a-859c-fc9ad839f47a/learning-management-system","title":"Masteriyo - LMS <= 2.0.3 - Authenticated (Subscriber+) Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"2d0a9410-533a-4d5a-859c-fc9ad839f47a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2d0a9410-533a-4d5a-859c-fc9ad839f47a?source=api-prod","cve":"CVE-2025-64270","affectedVersions":"<=2.0.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/4f76d908-91e7-4933-afab-9a7bfe18e088/learning-management-system","title":"Masteriyo LMS – LMS Course Builder, Quizzes & Certificates <= 2.1.8 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"4f76d908-91e7-4933-afab-9a7bfe18e088"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4f76d908-91e7-4933-afab-9a7bfe18e088?source=api-prod","cve":"CVE-2026-42743","affectedVersions":"<=2.1.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/575f103e-cfc7-4efd-a592-658a3e919671/learning-management-system","title":"Masteriyo LMS – eLearning and Online Course Builder for WordPress <= 1.13.3 - Authenticated (Student+) Stored Cross-Site Scripting via Ask a Question Functionality\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-10-28 16:31:52","sources":[{"name":"Wordfence","remoteId":"575f103e-cfc7-4efd-a592-658a3e919671"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/575f103e-cfc7-4efd-a592-658a3e919671?source=api-prod","cve":"CVE-2024-10000","affectedVersions":"<=1.13.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/5780d762-2313-4c81-be02-99543359d824/learning-management-system","title":"Masteriyo LMS <= 2.2.1 - Missing Authorization to Authenticated (Student+) Arbitrary Course Announcement Modification\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-26 17:55:05","sources":[{"name":"Wordfence","remoteId":"5780d762-2313-4c81-be02-99543359d824"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5780d762-2313-4c81-be02-99543359d824?source=api-prod","cve":"CVE-2026-11773","affectedVersions":"<=2.2.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/5e8933b8-1e09-4cd7-8206-711cc0716dba/learning-management-system","title":"Masteriyo - LMS for WordPress <= 1.6.7 - Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"5e8933b8-1e09-4cd7-8206-711cc0716dba"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5e8933b8-1e09-4cd7-8206-711cc0716dba?source=api-prod","cve":"CVE-2023-3345","affectedVersions":"<1.6.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/73b4e081-caa8-4055-91e2-11979df20159/learning-management-system","title":"Masteriyo LMS – Online Course Builder for eLearning, LMS & Education <= 2.1.5 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"73b4e081-caa8-4055-91e2-11979df20159"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/73b4e081-caa8-4055-91e2-11979df20159?source=api-prod","cve":"CVE-2026-39524","affectedVersions":"<=2.1.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/8cf1276b-401d-4166-940e-e5d60f85e762/learning-management-system","title":"Masteriyo - LMS <= 1.7.2 - Unauthenticated Privilege Escalation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-04-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"8cf1276b-401d-4166-940e-e5d60f85e762"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8cf1276b-401d-4166-940e-e5d60f85e762?source=api-prod","cve":"CVE-2024-24882","affectedVersions":"<=1.7.2","severity":"critical"},{"advisoryId":"WPSECADV/WF/90f62ee2-f2a8-49e6-ba7a-8c408c66c456/learning-management-system","title":"Masteriyo - LMS <= 1.11.4 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"90f62ee2-f2a8-49e6-ba7a-8c408c66c456"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/90f62ee2-f2a8-49e6-ba7a-8c408c66c456?source=api-prod","cve":"CVE-2024-43158","affectedVersions":"<=1.11.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/b6d51dc3-b695-4e9d-b25a-d1b302be1fec/learning-management-system","title":"Masteriyo LMS <= 2.1.7 - Unauthenticated Authorization Bypass to Arbitrary Order Completion via Stripe Webhook Endpoint\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-07 17:55:41","sources":[{"name":"Wordfence","remoteId":"b6d51dc3-b695-4e9d-b25a-d1b302be1fec"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b6d51dc3-b695-4e9d-b25a-d1b302be1fec?source=api-prod","cve":"CVE-2026-5167","affectedVersions":"<=2.1.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/c3d7a587-042d-4ba1-9373-aaeb24c711f5/learning-management-system","title":"Masteriyo - LMS <= 1.11.4 - Authenticated (Student+) Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"c3d7a587-042d-4ba1-9373-aaeb24c711f5"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c3d7a587-042d-4ba1-9373-aaeb24c711f5?source=api-prod","cve":"CVE-2024-43239","affectedVersions":"<=1.11.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/e48142c2-3688-4638-abfc-1e191f362055/learning-management-system","title":"Masteriyo - LMS <= 1.11.6 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-07 00:00:00","sources":[{"name":"Wordfence","remoteId":"e48142c2-3688-4638-abfc-1e191f362055"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e48142c2-3688-4638-abfc-1e191f362055?source=api-prod","cve":"CVE-2024-43159","affectedVersions":"<=1.11.6","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_6d6178627574746f6e73811c9dc5_gen.json b/internal/data/assets/plugin_6d6178627574746f6e73811c9dc5_gen.json index d7989f95..dbe68574 100644 --- a/internal/data/assets/plugin_6d6178627574746f6e73811c9dc5_gen.json +++ b/internal/data/assets/plugin_6d6178627574746f6e73811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/0d3aa440-29a8-47cd-98f4-cf1cbdf92f66/maxbuttons","title":"WordPress Button Plugin MaxButtons <= 9.7.7 - Authenticated (Editor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"0d3aa440-29a8-47cd-98f4-cf1cbdf92f66"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0d3aa440-29a8-47cd-98f4-cf1cbdf92f66?source=api-prod","cve":"CVE-2024-3026","affectedVersions":"<=9.7.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/25f8b0db-eed2-468a-a6b3-ed93daaddcb2/maxbuttons","title":"MaxButtons < 1.26.1 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2014-09-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"25f8b0db-eed2-468a-a6b3-ed93daaddcb2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/25f8b0db-eed2-468a-a6b3-ed93daaddcb2?source=api-prod","cve":"CVE-2014-7181","affectedVersions":"<1.26.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/2ff7ab4f-bb00-4443-a06b-f61c53da9876/maxbuttons","title":"WordPress Button Plugin MaxButtons <= 9.8.0 - Authenticated (Admin+) Stored Cross-Site Scripting via Button Width\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"2ff7ab4f-bb00-4443-a06b-f61c53da9876"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2ff7ab4f-bb00-4443-a06b-f61c53da9876?source=api-prod","cve":"CVE-2024-10555","affectedVersions":"<=9.8.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/41f6e826-9326-40fa-80d0-4cff1dd72536/maxbuttons","title":"WordPress Button Plugin MaxButtons <= 9.2 - Shortcode-Based Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-07-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"41f6e826-9326-40fa-80d0-4cff1dd72536"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/41f6e826-9326-40fa-80d0-4cff1dd72536?source=api-prod","affectedVersions":"<=9.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/64c4c001-1963-437e-9394-cf3ad0e63342/maxbuttons","title":"WordPress Button Plugin MaxButtons <= 9.8.0 - Authenticated (Admin+) Stored Cross-Site Scripting via Text Color\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"64c4c001-1963-437e-9394-cf3ad0e63342"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/64c4c001-1963-437e-9394-cf3ad0e63342?source=api-prod","cve":"CVE-2024-8968","affectedVersions":"<=9.8.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/74f4068b-224e-4523-9a8d-8713b779a262/maxbuttons","title":"WordPress Button Plugin MaxButtons <= 9.2 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-08-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"74f4068b-224e-4523-9a8d-8713b779a262"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/74f4068b-224e-4523-9a8d-8713b779a262?source=api-prod","cve":"CVE-2022-36346","affectedVersions":"<=9.2","severity":"high"},{"advisoryId":"WPSECADV/WF/8eaf6dfd-bc66-466f-af80-213213fdb839/maxbuttons","title":"MaxButtons <= 9.2 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-08-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"8eaf6dfd-bc66-466f-af80-213213fdb839"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8eaf6dfd-bc66-466f-af80-213213fdb839?source=api-prod","cve":"CVE-2022-38703","affectedVersions":"<=9.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/923ee3a7-a591-4132-8fbe-bd0edf8b7bb8/maxbuttons","title":"MaxButtons <= 9.8.3 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"923ee3a7-a591-4132-8fbe-bd0edf8b7bb8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/923ee3a7-a591-4132-8fbe-bd0edf8b7bb8?source=api-prod","cve":"CVE-2025-39444","affectedVersions":"<=9.8.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/af478e73-a2b8-468a-9075-9c1db1a97d7c/maxbuttons","title":"MaxButtons <= 9.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-06-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"af478e73-a2b8-468a-9075-9c1db1a97d7c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/af478e73-a2b8-468a-9075-9c1db1a97d7c?source=api-prod","cve":"CVE-2023-36503","affectedVersions":"<=9.5.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/bca0e8a0-d837-42d8-a9d3-35e0c820eb43/maxbuttons","title":"WordPress Button Plugin MaxButtons <= 9.7.6 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"bca0e8a0-d837-42d8-a9d3-35e0c820eb43"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bca0e8a0-d837-42d8-a9d3-35e0c820eb43?source=api-prod","cve":"CVE-2023-7029","affectedVersions":"<=9.7.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/cfe2cabd-98f6-4ebc-8a02-e6951202aa88/maxbuttons","title":"WordPress Button Plugin MaxButtons <= 9.7.4 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"cfe2cabd-98f6-4ebc-8a02-e6951202aa88"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cfe2cabd-98f6-4ebc-8a02-e6951202aa88?source=api-prod","cve":"CVE-2023-6594","affectedVersions":"<=9.7.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/efa01956-7c03-4f0f-9054-6920013a2b32/maxbuttons","title":"MaxButtons <= 6.18 - Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2017-05-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"efa01956-7c03-4f0f-9054-6920013a2b32"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/efa01956-7c03-4f0f-9054-6920013a2b32?source=api-prod","cve":"CVE-2017-2169","affectedVersions":"<=6.18","severity":"medium"},{"advisoryId":"WPSECADV/WF/fdd0694c-ea7e-4cf8-a8d8-82a2b02fecdf/maxbuttons","title":"WordPress Button Plugin MaxButtons <= 9.7.8 - Full Path Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"fdd0694c-ea7e-4cf8-a8d8-82a2b02fecdf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fdd0694c-ea7e-4cf8-a8d8-82a2b02fecdf?source=api-prod","cve":"CVE-2024-6499","affectedVersions":"<=9.7.8","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/0d3aa440-29a8-47cd-98f4-cf1cbdf92f66/maxbuttons","title":"WordPress Button Plugin MaxButtons <= 9.7.7 - Authenticated (Editor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"0d3aa440-29a8-47cd-98f4-cf1cbdf92f66"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0d3aa440-29a8-47cd-98f4-cf1cbdf92f66?source=api-prod","cve":"CVE-2024-3026","affectedVersions":"<=9.7.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/25f8b0db-eed2-468a-a6b3-ed93daaddcb2/maxbuttons","title":"MaxButtons < 1.26.1 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2014-09-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"25f8b0db-eed2-468a-a6b3-ed93daaddcb2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/25f8b0db-eed2-468a-a6b3-ed93daaddcb2?source=api-prod","cve":"CVE-2014-7181","affectedVersions":"<1.26.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/2ff7ab4f-bb00-4443-a06b-f61c53da9876/maxbuttons","title":"WordPress Button Plugin MaxButtons <= 9.8.0 - Authenticated (Admin+) Stored Cross-Site Scripting via Button Width\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"2ff7ab4f-bb00-4443-a06b-f61c53da9876"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2ff7ab4f-bb00-4443-a06b-f61c53da9876?source=api-prod","cve":"CVE-2024-10555","affectedVersions":"<=9.8.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/41f6e826-9326-40fa-80d0-4cff1dd72536/maxbuttons","title":"WordPress Button Plugin MaxButtons <= 9.2 - Shortcode-Based Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-07-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"41f6e826-9326-40fa-80d0-4cff1dd72536"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/41f6e826-9326-40fa-80d0-4cff1dd72536?source=api-prod","affectedVersions":"<=9.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/5805b1f1-34e7-49d5-93dd-748113b6093b/maxbuttons","title":"MaxButtons <= 9.8.5 - Reflected Cross-Site Scripting via 'view' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"5805b1f1-34e7-49d5-93dd-748113b6093b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5805b1f1-34e7-49d5-93dd-748113b6093b?source=api-prod","cve":"CVE-2026-13245","affectedVersions":"<=9.8.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/64c4c001-1963-437e-9394-cf3ad0e63342/maxbuttons","title":"WordPress Button Plugin MaxButtons <= 9.8.0 - Authenticated (Admin+) Stored Cross-Site Scripting via Text Color\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-11-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"64c4c001-1963-437e-9394-cf3ad0e63342"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/64c4c001-1963-437e-9394-cf3ad0e63342?source=api-prod","cve":"CVE-2024-8968","affectedVersions":"<=9.8.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/74f4068b-224e-4523-9a8d-8713b779a262/maxbuttons","title":"WordPress Button Plugin MaxButtons <= 9.2 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-08-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"74f4068b-224e-4523-9a8d-8713b779a262"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/74f4068b-224e-4523-9a8d-8713b779a262?source=api-prod","cve":"CVE-2022-36346","affectedVersions":"<=9.2","severity":"high"},{"advisoryId":"WPSECADV/WF/8eaf6dfd-bc66-466f-af80-213213fdb839/maxbuttons","title":"MaxButtons <= 9.2 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-08-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"8eaf6dfd-bc66-466f-af80-213213fdb839"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8eaf6dfd-bc66-466f-af80-213213fdb839?source=api-prod","cve":"CVE-2022-38703","affectedVersions":"<=9.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/923ee3a7-a591-4132-8fbe-bd0edf8b7bb8/maxbuttons","title":"MaxButtons <= 9.8.3 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-04-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"923ee3a7-a591-4132-8fbe-bd0edf8b7bb8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/923ee3a7-a591-4132-8fbe-bd0edf8b7bb8?source=api-prod","cve":"CVE-2025-39444","affectedVersions":"<=9.8.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/af478e73-a2b8-468a-9075-9c1db1a97d7c/maxbuttons","title":"MaxButtons <= 9.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-06-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"af478e73-a2b8-468a-9075-9c1db1a97d7c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/af478e73-a2b8-468a-9075-9c1db1a97d7c?source=api-prod","cve":"CVE-2023-36503","affectedVersions":"<=9.5.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/bca0e8a0-d837-42d8-a9d3-35e0c820eb43/maxbuttons","title":"WordPress Button Plugin MaxButtons <= 9.7.6 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"bca0e8a0-d837-42d8-a9d3-35e0c820eb43"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bca0e8a0-d837-42d8-a9d3-35e0c820eb43?source=api-prod","cve":"CVE-2023-7029","affectedVersions":"<=9.7.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/cfe2cabd-98f6-4ebc-8a02-e6951202aa88/maxbuttons","title":"WordPress Button Plugin MaxButtons <= 9.7.4 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"cfe2cabd-98f6-4ebc-8a02-e6951202aa88"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cfe2cabd-98f6-4ebc-8a02-e6951202aa88?source=api-prod","cve":"CVE-2023-6594","affectedVersions":"<=9.7.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/efa01956-7c03-4f0f-9054-6920013a2b32/maxbuttons","title":"MaxButtons <= 6.18 - Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2017-05-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"efa01956-7c03-4f0f-9054-6920013a2b32"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/efa01956-7c03-4f0f-9054-6920013a2b32?source=api-prod","cve":"CVE-2017-2169","affectedVersions":"<=6.18","severity":"medium"},{"advisoryId":"WPSECADV/WF/fdd0694c-ea7e-4cf8-a8d8-82a2b02fecdf/maxbuttons","title":"WordPress Button Plugin MaxButtons <= 9.7.8 - Full Path Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"fdd0694c-ea7e-4cf8-a8d8-82a2b02fecdf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fdd0694c-ea7e-4cf8-a8d8-82a2b02fecdf?source=api-prod","cve":"CVE-2024-6499","affectedVersions":"<=9.7.8","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_6e65782d666f726d732d657870726573732d77702d666f726d2d6275696c646572811c9dc5_gen.json b/internal/data/assets/plugin_6e65782d666f726d732d657870726573732d77702d666f726d2d6275696c646572811c9dc5_gen.json index 21bbae73..f2b65811 100644 --- a/internal/data/assets/plugin_6e65782d666f726d732d657870726573732d77702d666f726d2d6275696c646572811c9dc5_gen.json +++ b/internal/data/assets/plugin_6e65782d666f726d732d657870726573732d77702d666f726d2d6275696c646572811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/01940eeb-b4a6-450d-b646-84f415ca92c9/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 7.7.1 - Missing Authorization on Various AJAX Actions\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-11-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"01940eeb-b4a6-450d-b646-84f415ca92c9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/01940eeb-b4a6-450d-b646-84f415ca92c9?source=api-prod","cve":"CVE-2020-36670","affectedVersions":"<=7.7.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/097c3257-6479-4169-ac17-cb1629aef7a1/nex-forms-express-wp-form-builder","title":"Nex-Forms Express WP Form Builder <= 9.1.7 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"097c3257-6479-4169-ac17-cb1629aef7a1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/097c3257-6479-4169-ac17-cb1629aef7a1?source=api-prod","cve":"CVE-2025-14803","affectedVersions":"<=9.1.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/19cc7f5b-545a-4f68-bc37-269cc84364ad/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 9.1.7 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"19cc7f5b-545a-4f68-bc37-269cc84364ad"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/19cc7f5b-545a-4f68-bc37-269cc84364ad?source=api-prod","cve":"CVE-2025-69326","affectedVersions":"<=9.1.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/1d2b7215-d3a7-4e5a-ae9b-65fecc26dceb/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.9.1 - Authenticated (Custom) Limited Code Execution via get_table_records Function\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-07 21:30:44","sources":[{"name":"Wordfence","remoteId":"1d2b7215-d3a7-4e5a-ae9b-65fecc26dceb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1d2b7215-d3a7-4e5a-ae9b-65fecc26dceb?source=api-prod","cve":"CVE-2025-4208","affectedVersions":"<=8.9.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/23b21dbd-caf7-49fc-bed4-4017151ee4ad/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.9 - Missing Authorization to Authenticated (Subscriber+) License Deactivation via deactivate_license\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-13 15:17:36","sources":[{"name":"Wordfence","remoteId":"23b21dbd-caf7-49fc-bed4-4017151ee4ad"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/23b21dbd-caf7-49fc-bed4-4017151ee4ad?source=api-prod","cve":"CVE-2026-1948","affectedVersions":"<=9.1.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/26bd4058-ef00-48c8-8ab5-01535f0238a4/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.5.6 - Missing Authorization via restore_records()\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-31 00:00:00","sources":[{"name":"Wordfence","remoteId":"26bd4058-ef00-48c8-8ab5-01535f0238a4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/26bd4058-ef00-48c8-8ab5-01535f0238a4?source=api-prod","cve":"CVE-2024-0907","affectedVersions":"<=8.5.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/2e88aa9e-6d1d-44ba-8d63-2f4d4161bc9e/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder – Contact forms and much more < 3.4 - SQL Injection\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2015-04-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"2e88aa9e-6d1d-44ba-8d63-2f4d4161bc9e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2e88aa9e-6d1d-44ba-8d63-2f4d4161bc9e?source=api-prod","affectedVersions":"<3.4","severity":"critical"},{"advisoryId":"WPSECADV/WF/2f2d8b21-1c25-4cfc-bf62-2e71d6a90d91/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.12 - Authenticated (Administrator+) SQL Injection via 'table' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-14 18:51:33","sources":[{"name":"Wordfence","remoteId":"2f2d8b21-1c25-4cfc-bf62-2e71d6a90d91"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2f2d8b21-1c25-4cfc-bf62-2e71d6a90d91?source=api-prod","cve":"CVE-2026-7046","affectedVersions":"<=9.1.12","severity":"medium"},{"advisoryId":"WPSECADV/WF/53db0f72-3353-42bb-ad75-4c5aa32d7939/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.5.6 - Missing Authorization via set_starred()\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-31 00:00:00","sources":[{"name":"Wordfence","remoteId":"53db0f72-3353-42bb-ad75-4c5aa32d7939"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/53db0f72-3353-42bb-ad75-4c5aa32d7939?source=api-prod","cve":"CVE-2024-1129","affectedVersions":"<=8.5.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/54897968-55fe-4542-bac8-190b29f68b0d/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 9.1.7 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"54897968-55fe-4542-bac8-190b29f68b0d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/54897968-55fe-4542-bac8-190b29f68b0d?source=api-prod","cve":"CVE-2025-69324","affectedVersions":"<=9.1.7","severity":"high"},{"advisoryId":"WPSECADV/WF/5f0406ad-8f4e-49a2-87dd-a6e319904652/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder <= 8.7.8 - Authenticated (Administrator+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-12-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"5f0406ad-8f4e-49a2-87dd-a6e319904652"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5f0406ad-8f4e-49a2-87dd-a6e319904652?source=api-prod","cve":"CVE-2024-53808","affectedVersions":"<=8.7.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/6989e54b-ce5e-4c79-bd0d-0f7978a4bd44/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder < 4.6.1 - SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2015-07-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"6989e54b-ce5e-4c79-bd0d-0f7978a4bd44"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6989e54b-ce5e-4c79-bd0d-0f7978a4bd44?source=api-prod","cve":"CVE-2015-9452","affectedVersions":"<4.6.1","severity":"critical"},{"advisoryId":"WPSECADV/WF/6b5964a7-410b-4fea-9de2-22ffda80c8e8/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.5.5 - Authenticated (Admin+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"6b5964a7-410b-4fea-9de2-22ffda80c8e8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6b5964a7-410b-4fea-9de2-22ffda80c8e8?source=api-prod","cve":"CVE-2023-50838","affectedVersions":"<=8.5.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/70587bb9-6f76-4073-b5db-06ffda0194e9/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 7.8.7 Authorization Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-07-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"70587bb9-6f76-4073-b5db-06ffda0194e9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/70587bb9-6f76-4073-b5db-06ffda0194e9?source=api-prod","cve":"CVE-2021-34676","affectedVersions":"<=7.8.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/75f98731-f5a1-46aa-bf00-3b119a3b917e/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder <= 8.7.3 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"75f98731-f5a1-46aa-bf00-3b119a3b917e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/75f98731-f5a1-46aa-bf00-3b119a3b917e?source=api-prod","cve":"CVE-2024-47389","affectedVersions":"<=8.7.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/89655e84-acb5-40f2-a22f-a483a1bb29df/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 7.9.6 - Authenticated (Administrator+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-08-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"89655e84-acb5-40f2-a22f-a483a1bb29df"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/89655e84-acb5-40f2-a22f-a483a1bb29df?source=api-prod","cve":"CVE-2022-3142","affectedVersions":"<=7.9.6","severity":"high"},{"advisoryId":"WPSECADV/WF/8a7b4d0b-9845-4d0b-b255-a311076f5ca7/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder <= 8.4.2 - Cross-Site Request Forgery to Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-11-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"8a7b4d0b-9845-4d0b-b255-a311076f5ca7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8a7b4d0b-9845-4d0b-b255-a311076f5ca7?source=api-prod","cve":"CVE-2021-24705","affectedVersions":"<=8.4.2","severity":"high"},{"advisoryId":"WPSECADV/WF/9bac82ee-55bf-4381-b441-115a675e4834/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 9.1.11 - Unauthenticated Stored Cross-Site Scripting via POST Parameter Key Names\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-02 15:41:51","sources":[{"name":"Wordfence","remoteId":"9bac82ee-55bf-4381-b441-115a675e4834"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9bac82ee-55bf-4381-b441-115a675e4834?source=api-prod","cve":"CVE-2026-5063","affectedVersions":"<=9.1.11","severity":"high"},{"advisoryId":"WPSECADV/WF/9d19be8b-3e0b-4d74-97e0-f17132d2d34c/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 8.3.3 - Authenticated (Administrator+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-04-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"9d19be8b-3e0b-4d74-97e0-f17132d2d34c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9d19be8b-3e0b-4d74-97e0-f17132d2d34c?source=api-prod","cve":"CVE-2023-2114","affectedVersions":"<=8.3.3","severity":"high"},{"advisoryId":"WPSECADV/WF/a333d5b4-cedf-40ac-8da9-f4965d2a397a/nex-forms-express-wp-form-builder","title":"NEX-Forms - Ultimate Form Builder <= 8.4.3 - Authenticated Stored Cross-Site Scripting via Form Name\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-06-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"a333d5b4-cedf-40ac-8da9-f4965d2a397a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a333d5b4-cedf-40ac-8da9-f4965d2a397a?source=api-prod","cve":"CVE-2023-0439","affectedVersions":"<=8.4.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/a33a7ba5-c6f8-4cf4-8011-8312e9c5da8f/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.9.1 - Authenticated (Custom) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-07 21:30:27","sources":[{"name":"Wordfence","remoteId":"a33a7ba5-c6f8-4cf4-8011-8312e9c5da8f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a33a7ba5-c6f8-4cf4-8011-8312e9c5da8f?source=api-prod","cve":"CVE-2025-3468","affectedVersions":"<=8.9.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/a9b45e9b-57a6-4bfd-b9e4-d07780370f02/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder <= 8.5.2 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"a9b45e9b-57a6-4bfd-b9e4-d07780370f02"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a9b45e9b-57a6-4bfd-b9e4-d07780370f02?source=api-prod","cve":"CVE-2023-52120","affectedVersions":"<=8.5.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/ab807beb-0e20-47e4-be3e-9e8f50b84c7b/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 8.7.15 - Authenticated (Admin+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-12-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"ab807beb-0e20-47e4-be3e-9e8f50b84c7b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ab807beb-0e20-47e4-be3e-9e8f50b84c7b?source=api-prod","cve":"CVE-2024-10862","affectedVersions":"<=8.7.15","severity":"medium"},{"advisoryId":"WPSECADV/WF/b2a8c307-2430-4ea9-afe0-e5e758eabdd1/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.9 - Missing Authorization to Unauthenticated Arbitrary Form Entry Modification via nf_set_entry_update_id\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-14 13:14:22","sources":[{"name":"Wordfence","remoteId":"b2a8c307-2430-4ea9-afe0-e5e758eabdd1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b2a8c307-2430-4ea9-afe0-e5e758eabdd1?source=api-prod","cve":"CVE-2026-1947","affectedVersions":"<=9.1.9","severity":"high"},{"advisoryId":"WPSECADV/WF/cdd7b2ec-5470-492d-a8ea-ae69b45572ce/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder <= 8.5.10 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-07-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"cdd7b2ec-5470-492d-a8ea-ae69b45572ce"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cdd7b2ec-5470-492d-a8ea-ae69b45572ce?source=api-prod","cve":"CVE-2024-37512","affectedVersions":"<=8.5.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/d6934c0e-7526-4de7-9478-3c953b3dc64f/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder <= 8.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"d6934c0e-7526-4de7-9478-3c953b3dc64f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d6934c0e-7526-4de7-9478-3c953b3dc64f?source=api-prod","cve":"CVE-2024-25593","affectedVersions":"<=8.5.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/ddfa5a3d-fef2-4049-915c-51c3e28153bf/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.8 - Missing Authorization to Unauthenticated Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-30 12:12:07","sources":[{"name":"Wordfence","remoteId":"ddfa5a3d-fef2-4049-915c-51c3e28153bf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ddfa5a3d-fef2-4049-915c-51c3e28153bf?source=api-prod","cve":"CVE-2025-15510","affectedVersions":"<=9.1.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/e68d47e7-9a42-4a77-aefa-fe130500cbd3/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.6 - Authenticated (Admin+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-10 19:07:08","sources":[{"name":"Wordfence","remoteId":"e68d47e7-9a42-4a77-aefa-fe130500cbd3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e68d47e7-9a42-4a77-aefa-fe130500cbd3?source=api-prod","cve":"CVE-2025-10185","affectedVersions":"<=9.1.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/f188a5e6-699e-4e1a-b4e4-7fb4056b0bee/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.8.1 - Unauthenticated Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"f188a5e6-699e-4e1a-b4e4-7fb4056b0bee"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f188a5e6-699e-4e1a-b4e4-7fb4056b0bee?source=api-prod","cve":"CVE-2024-13498","affectedVersions":"<=8.8.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/f2c3b646-d865-4425-bc8f-00b3555a3d74/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.5.6 - Missing Authorization via set_read()\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-31 00:00:00","sources":[{"name":"Wordfence","remoteId":"f2c3b646-d865-4425-bc8f-00b3555a3d74"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f2c3b646-d865-4425-bc8f-00b3555a3d74?source=api-prod","cve":"CVE-2024-1130","affectedVersions":"<=8.5.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/f6bdd745-066d-4b8e-a66c-6d3fb9a9ef12/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 9.1.3 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-08-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"f6bdd745-066d-4b8e-a66c-6d3fb9a9ef12"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f6bdd745-066d-4b8e-a66c-6d3fb9a9ef12?source=api-prod","cve":"CVE-2025-49399","affectedVersions":"<=9.1.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/fd817fe9-b7be-4252-877a-e9843d62a0a9/nex-forms-express-wp-form-builder","title":"NEX-Forms - Ultimate Form Builder <= 8.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-02-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"fd817fe9-b7be-4252-877a-e9843d62a0a9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fd817fe9-b7be-4252-877a-e9843d62a0a9?source=api-prod","cve":"CVE-2023-0272","affectedVersions":"<=8.3.2","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/01940eeb-b4a6-450d-b646-84f415ca92c9/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 7.7.1 - Missing Authorization on Various AJAX Actions\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-11-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"01940eeb-b4a6-450d-b646-84f415ca92c9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/01940eeb-b4a6-450d-b646-84f415ca92c9?source=api-prod","cve":"CVE-2020-36670","affectedVersions":"<=7.7.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/097c3257-6479-4169-ac17-cb1629aef7a1/nex-forms-express-wp-form-builder","title":"Nex-Forms Express WP Form Builder <= 9.1.7 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-12-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"097c3257-6479-4169-ac17-cb1629aef7a1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/097c3257-6479-4169-ac17-cb1629aef7a1?source=api-prod","cve":"CVE-2025-14803","affectedVersions":"<=9.1.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/19cc7f5b-545a-4f68-bc37-269cc84364ad/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 9.1.7 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-09 00:00:00","sources":[{"name":"Wordfence","remoteId":"19cc7f5b-545a-4f68-bc37-269cc84364ad"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/19cc7f5b-545a-4f68-bc37-269cc84364ad?source=api-prod","cve":"CVE-2025-69326","affectedVersions":"<=9.1.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/1d2b7215-d3a7-4e5a-ae9b-65fecc26dceb/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.9.1 - Authenticated (Custom) Limited Code Execution via get_table_records Function\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-07 21:30:44","sources":[{"name":"Wordfence","remoteId":"1d2b7215-d3a7-4e5a-ae9b-65fecc26dceb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1d2b7215-d3a7-4e5a-ae9b-65fecc26dceb?source=api-prod","cve":"CVE-2025-4208","affectedVersions":"<=8.9.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/23b21dbd-caf7-49fc-bed4-4017151ee4ad/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.9 - Missing Authorization to Authenticated (Subscriber+) License Deactivation via deactivate_license\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-13 15:17:36","sources":[{"name":"Wordfence","remoteId":"23b21dbd-caf7-49fc-bed4-4017151ee4ad"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/23b21dbd-caf7-49fc-bed4-4017151ee4ad?source=api-prod","cve":"CVE-2026-1948","affectedVersions":"<=9.1.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/26bd4058-ef00-48c8-8ab5-01535f0238a4/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.5.6 - Missing Authorization via restore_records()\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-31 00:00:00","sources":[{"name":"Wordfence","remoteId":"26bd4058-ef00-48c8-8ab5-01535f0238a4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/26bd4058-ef00-48c8-8ab5-01535f0238a4?source=api-prod","cve":"CVE-2024-0907","affectedVersions":"<=8.5.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/2e88aa9e-6d1d-44ba-8d63-2f4d4161bc9e/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder – Contact forms and much more < 3.4 - SQL Injection\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2015-04-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"2e88aa9e-6d1d-44ba-8d63-2f4d4161bc9e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2e88aa9e-6d1d-44ba-8d63-2f4d4161bc9e?source=api-prod","affectedVersions":"<3.4","severity":"critical"},{"advisoryId":"WPSECADV/WF/2f2d8b21-1c25-4cfc-bf62-2e71d6a90d91/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.12 - Authenticated (Administrator+) SQL Injection via 'table' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-14 18:51:33","sources":[{"name":"Wordfence","remoteId":"2f2d8b21-1c25-4cfc-bf62-2e71d6a90d91"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2f2d8b21-1c25-4cfc-bf62-2e71d6a90d91?source=api-prod","cve":"CVE-2026-7046","affectedVersions":"<=9.1.12","severity":"medium"},{"advisoryId":"WPSECADV/WF/53db0f72-3353-42bb-ad75-4c5aa32d7939/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.5.6 - Missing Authorization via set_starred()\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-31 00:00:00","sources":[{"name":"Wordfence","remoteId":"53db0f72-3353-42bb-ad75-4c5aa32d7939"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/53db0f72-3353-42bb-ad75-4c5aa32d7939?source=api-prod","cve":"CVE-2024-1129","affectedVersions":"<=8.5.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/54897968-55fe-4542-bac8-190b29f68b0d/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 9.1.7 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-04 00:00:00","sources":[{"name":"Wordfence","remoteId":"54897968-55fe-4542-bac8-190b29f68b0d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/54897968-55fe-4542-bac8-190b29f68b0d?source=api-prod","cve":"CVE-2025-69324","affectedVersions":"<=9.1.7","severity":"high"},{"advisoryId":"WPSECADV/WF/5f0406ad-8f4e-49a2-87dd-a6e319904652/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder <= 8.7.8 - Authenticated (Administrator+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-12-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"5f0406ad-8f4e-49a2-87dd-a6e319904652"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5f0406ad-8f4e-49a2-87dd-a6e319904652?source=api-prod","cve":"CVE-2024-53808","affectedVersions":"<=8.7.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/6989e54b-ce5e-4c79-bd0d-0f7978a4bd44/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder < 4.6.1 - SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2015-07-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"6989e54b-ce5e-4c79-bd0d-0f7978a4bd44"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6989e54b-ce5e-4c79-bd0d-0f7978a4bd44?source=api-prod","cve":"CVE-2015-9452","affectedVersions":"<4.6.1","severity":"critical"},{"advisoryId":"WPSECADV/WF/6b5964a7-410b-4fea-9de2-22ffda80c8e8/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.5.5 - Authenticated (Admin+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"6b5964a7-410b-4fea-9de2-22ffda80c8e8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6b5964a7-410b-4fea-9de2-22ffda80c8e8?source=api-prod","cve":"CVE-2023-50838","affectedVersions":"<=8.5.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/70587bb9-6f76-4073-b5db-06ffda0194e9/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 7.8.7 Authorization Bypass\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-07-19 00:00:00","sources":[{"name":"Wordfence","remoteId":"70587bb9-6f76-4073-b5db-06ffda0194e9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/70587bb9-6f76-4073-b5db-06ffda0194e9?source=api-prod","cve":"CVE-2021-34676","affectedVersions":"<=7.8.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/75f98731-f5a1-46aa-bf00-3b119a3b917e/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder <= 8.7.3 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"75f98731-f5a1-46aa-bf00-3b119a3b917e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/75f98731-f5a1-46aa-bf00-3b119a3b917e?source=api-prod","cve":"CVE-2024-47389","affectedVersions":"<=8.7.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/89655e84-acb5-40f2-a22f-a483a1bb29df/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 7.9.6 - Authenticated (Administrator+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-08-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"89655e84-acb5-40f2-a22f-a483a1bb29df"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/89655e84-acb5-40f2-a22f-a483a1bb29df?source=api-prod","cve":"CVE-2022-3142","affectedVersions":"<=7.9.6","severity":"high"},{"advisoryId":"WPSECADV/WF/8a7b4d0b-9845-4d0b-b255-a311076f5ca7/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder <= 8.4.2 - Cross-Site Request Forgery to Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-11-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"8a7b4d0b-9845-4d0b-b255-a311076f5ca7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8a7b4d0b-9845-4d0b-b255-a311076f5ca7?source=api-prod","cve":"CVE-2021-24705","affectedVersions":"<=8.4.2","severity":"high"},{"advisoryId":"WPSECADV/WF/9bac82ee-55bf-4381-b441-115a675e4834/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 9.1.11 - Unauthenticated Stored Cross-Site Scripting via POST Parameter Key Names\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-02 15:41:51","sources":[{"name":"Wordfence","remoteId":"9bac82ee-55bf-4381-b441-115a675e4834"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9bac82ee-55bf-4381-b441-115a675e4834?source=api-prod","cve":"CVE-2026-5063","affectedVersions":"<=9.1.11","severity":"high"},{"advisoryId":"WPSECADV/WF/9d19be8b-3e0b-4d74-97e0-f17132d2d34c/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 8.3.3 - Authenticated (Administrator+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-04-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"9d19be8b-3e0b-4d74-97e0-f17132d2d34c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9d19be8b-3e0b-4d74-97e0-f17132d2d34c?source=api-prod","cve":"CVE-2023-2114","affectedVersions":"<=8.3.3","severity":"high"},{"advisoryId":"WPSECADV/WF/a333d5b4-cedf-40ac-8da9-f4965d2a397a/nex-forms-express-wp-form-builder","title":"NEX-Forms - Ultimate Form Builder <= 8.4.3 - Authenticated Stored Cross-Site Scripting via Form Name\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-06-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"a333d5b4-cedf-40ac-8da9-f4965d2a397a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a333d5b4-cedf-40ac-8da9-f4965d2a397a?source=api-prod","cve":"CVE-2023-0439","affectedVersions":"<=8.4.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/a33a7ba5-c6f8-4cf4-8011-8312e9c5da8f/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.9.1 - Authenticated (Custom) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-05-07 21:30:27","sources":[{"name":"Wordfence","remoteId":"a33a7ba5-c6f8-4cf4-8011-8312e9c5da8f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a33a7ba5-c6f8-4cf4-8011-8312e9c5da8f?source=api-prod","cve":"CVE-2025-3468","affectedVersions":"<=8.9.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/a9b45e9b-57a6-4bfd-b9e4-d07780370f02/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder <= 8.5.2 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"a9b45e9b-57a6-4bfd-b9e4-d07780370f02"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a9b45e9b-57a6-4bfd-b9e4-d07780370f02?source=api-prod","cve":"CVE-2023-52120","affectedVersions":"<=8.5.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/ab807beb-0e20-47e4-be3e-9e8f50b84c7b/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 8.7.15 - Authenticated (Admin+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-12-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"ab807beb-0e20-47e4-be3e-9e8f50b84c7b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ab807beb-0e20-47e4-be3e-9e8f50b84c7b?source=api-prod","cve":"CVE-2024-10862","affectedVersions":"<=8.7.15","severity":"medium"},{"advisoryId":"WPSECADV/WF/b2a8c307-2430-4ea9-afe0-e5e758eabdd1/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.9 - Missing Authorization to Unauthenticated Arbitrary Form Entry Modification via nf_set_entry_update_id\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-14 13:14:22","sources":[{"name":"Wordfence","remoteId":"b2a8c307-2430-4ea9-afe0-e5e758eabdd1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b2a8c307-2430-4ea9-afe0-e5e758eabdd1?source=api-prod","cve":"CVE-2026-1947","affectedVersions":"<=9.1.9","severity":"high"},{"advisoryId":"WPSECADV/WF/cdd7b2ec-5470-492d-a8ea-ae69b45572ce/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder <= 8.5.10 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-07-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"cdd7b2ec-5470-492d-a8ea-ae69b45572ce"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cdd7b2ec-5470-492d-a8ea-ae69b45572ce?source=api-prod","cve":"CVE-2024-37512","affectedVersions":"<=8.5.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/d6934c0e-7526-4de7-9478-3c953b3dc64f/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder <= 8.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-02-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"d6934c0e-7526-4de7-9478-3c953b3dc64f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d6934c0e-7526-4de7-9478-3c953b3dc64f?source=api-prod","cve":"CVE-2024-25593","affectedVersions":"<=8.5.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/ddfa5a3d-fef2-4049-915c-51c3e28153bf/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.8 - Missing Authorization to Unauthenticated Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-30 12:12:07","sources":[{"name":"Wordfence","remoteId":"ddfa5a3d-fef2-4049-915c-51c3e28153bf"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ddfa5a3d-fef2-4049-915c-51c3e28153bf?source=api-prod","cve":"CVE-2025-15510","affectedVersions":"<=9.1.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/e68d47e7-9a42-4a77-aefa-fe130500cbd3/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Forms Plugin for WordPress <= 9.1.6 - Authenticated (Admin+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-10 19:07:08","sources":[{"name":"Wordfence","remoteId":"e68d47e7-9a42-4a77-aefa-fe130500cbd3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e68d47e7-9a42-4a77-aefa-fe130500cbd3?source=api-prod","cve":"CVE-2025-10185","affectedVersions":"<=9.1.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/ecf39f38-a476-47a8-a632-986b851895a6/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 9.2.2 - Missing Authorization to Unauthenticated Sensitive Information Disclosure via CSVExport Class\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-26 17:24:08","sources":[{"name":"Wordfence","remoteId":"ecf39f38-a476-47a8-a632-986b851895a6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ecf39f38-a476-47a8-a632-986b851895a6?source=api-prod","cve":"CVE-2026-12404","affectedVersions":"<=9.2.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/f188a5e6-699e-4e1a-b4e4-7fb4056b0bee/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.8.1 - Unauthenticated Sensitive Information Exposure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"f188a5e6-699e-4e1a-b4e4-7fb4056b0bee"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f188a5e6-699e-4e1a-b4e4-7fb4056b0bee?source=api-prod","cve":"CVE-2024-13498","affectedVersions":"<=8.8.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/f2c3b646-d865-4425-bc8f-00b3555a3d74/nex-forms-express-wp-form-builder","title":"NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.5.6 - Missing Authorization via set_read()\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-01-31 00:00:00","sources":[{"name":"Wordfence","remoteId":"f2c3b646-d865-4425-bc8f-00b3555a3d74"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f2c3b646-d865-4425-bc8f-00b3555a3d74?source=api-prod","cve":"CVE-2024-1130","affectedVersions":"<=8.5.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/f6bdd745-066d-4b8e-a66c-6d3fb9a9ef12/nex-forms-express-wp-form-builder","title":"NEX-Forms <= 9.1.3 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-08-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"f6bdd745-066d-4b8e-a66c-6d3fb9a9ef12"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f6bdd745-066d-4b8e-a66c-6d3fb9a9ef12?source=api-prod","cve":"CVE-2025-49399","affectedVersions":"<=9.1.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/fd817fe9-b7be-4252-877a-e9843d62a0a9/nex-forms-express-wp-form-builder","title":"NEX-Forms - Ultimate Form Builder <= 8.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-02-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"fd817fe9-b7be-4252-877a-e9843d62a0a9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fd817fe9-b7be-4252-877a-e9843d62a0a9?source=api-prod","cve":"CVE-2023-0272","affectedVersions":"<=8.3.2","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_6f74702d6c6f67696e811c9dc5_gen.json b/internal/data/assets/plugin_6f74702d6c6f67696e811c9dc5_gen.json index d61bd3f2..95da3ee0 100644 --- a/internal/data/assets/plugin_6f74702d6c6f67696e811c9dc5_gen.json +++ b/internal/data/assets/plugin_6f74702d6c6f67696e811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/ad22cb24-e6a0-456f-afe8-88a39acd97d3/otp-login","title":"Login with OTP <= 1.6 - Unauthenticated Authentication Bypass via OTP Brute Force\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-05-26 17:20:31","sources":[{"name":"Wordfence","remoteId":"ad22cb24-e6a0-456f-afe8-88a39acd97d3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ad22cb24-e6a0-456f-afe8-88a39acd97d3?source=api-prod","cve":"CVE-2026-8760","affectedVersions":"<=1.6","severity":"critical"},{"advisoryId":"WPSECADV/WF/d3775d48-5985-475e-8fb9-c4c5fd044772/otp-login","title":"Login With OTP <= 1.4.2 - Authentication Bypass via Weak OTP\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-12-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"d3775d48-5985-475e-8fb9-c4c5fd044772"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d3775d48-5985-475e-8fb9-c4c5fd044772?source=api-prod","cve":"CVE-2024-11178","affectedVersions":"<=1.4.2","severity":"high"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/d3775d48-5985-475e-8fb9-c4c5fd044772/otp-login","title":"Login With OTP <= 1.4.2 - Authentication Bypass via Weak OTP\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-12-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"d3775d48-5985-475e-8fb9-c4c5fd044772"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d3775d48-5985-475e-8fb9-c4c5fd044772?source=api-prod","cve":"CVE-2024-11178","affectedVersions":"<=1.4.2","severity":"high"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_70726f647563742d73706563696669636174696f6e73811c9dc5_gen.json b/internal/data/assets/plugin_70726f647563742d73706563696669636174696f6e73811c9dc5_gen.json index 217bcb8d..81e13bf8 100644 --- a/internal/data/assets/plugin_70726f647563742d73706563696669636174696f6e73811c9dc5_gen.json +++ b/internal/data/assets/plugin_70726f647563742d73706563696669636174696f6e73811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/916d4f2f-769b-4902-9464-f55d8f64c9d2/product-specifications","title":"Product Specifications for Woocommerce <= 0.6.0 - Reflected Cross-Site Scripting via Arbitrary Query String Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-03-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"916d4f2f-769b-4902-9464-f55d8f64c9d2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/916d4f2f-769b-4902-9464-f55d8f64c9d2?source=api-prod","cve":"CVE-2022-46858","affectedVersions":"<=0.6.0","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/38318605-40f7-4676-b409-f98a6c27cbfe/product-specifications","title":"Product Specifications for Woocommerce <= 0.8.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attribute/Group Creation, Modification, and Deletion via 'dwps_modify_groups' and 'dwps_modify_attributes' AJAX Actions\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-26 17:56:32","sources":[{"name":"Wordfence","remoteId":"38318605-40f7-4676-b409-f98a6c27cbfe"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/38318605-40f7-4676-b409-f98a6c27cbfe?source=api-prod","cve":"CVE-2026-11364","affectedVersions":"<=0.8.9","severity":"medium"},{"advisoryId":"WPSECADV/WF/916d4f2f-769b-4902-9464-f55d8f64c9d2/product-specifications","title":"Product Specifications for Woocommerce <= 0.6.0 - Reflected Cross-Site Scripting via Arbitrary Query String Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-03-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"916d4f2f-769b-4902-9464-f55d8f64c9d2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/916d4f2f-769b-4902-9464-f55d8f64c9d2?source=api-prod","cve":"CVE-2022-46858","affectedVersions":"<=0.6.0","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_7175697a2d6d61737465722d6e657874811c9dc5_gen.json b/internal/data/assets/plugin_7175697a2d6d61737465722d6e657874811c9dc5_gen.json index d3784f2c..c5b73745 100644 --- a/internal/data/assets/plugin_7175697a2d6d61737465722d6e657874811c9dc5_gen.json +++ b/internal/data/assets/plugin_7175697a2d6d61737465722d6e657874811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/0e087ed4-6f40-4a00-9cdb-1453ac298188/quiz-master-next","title":"Quiz And Survey Master <= 10.2.5 - Unauthenticated PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"0e087ed4-6f40-4a00-9cdb-1453ac298188"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0e087ed4-6f40-4a00-9cdb-1453ac298188?source=api-prod","cve":"CVE-2025-49401","affectedVersions":"<=10.2.5","severity":"high"},{"advisoryId":"WPSECADV/WF/10b47054-29cc-4859-bdfc-4dde1437c037/quiz-master-next","title":"Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker <= 9.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"10b47054-29cc-4859-bdfc-4dde1437c037"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/10b47054-29cc-4859-bdfc-4dde1437c037?source=api-prod","cve":"CVE-2024-4934","affectedVersions":"<=9.0.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/18458883-6cca-46d1-8437-4e646f4eafda/quiz-master-next","title":"Quiz and Survey Master <= 7.0.0 - Unauthenticated Arbitrary File Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-08-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"18458883-6cca-46d1-8437-4e646f4eafda"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/18458883-6cca-46d1-8437-4e646f4eafda?source=api-prod","cve":"CVE-2020-35951","affectedVersions":"<7.0.1","severity":"high"},{"advisoryId":"WPSECADV/WF/19cb39d4-f2b4-4f94-8896-ba714567e1ed/quiz-master-next","title":"Quiz And Survey Master <= 8.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Question Title\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"19cb39d4-f2b4-4f94-8896-ba714567e1ed"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/19cb39d4-f2b4-4f94-8896-ba714567e1ed?source=api-prod","cve":"CVE-2023-3575","affectedVersions":"<=8.1.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/2085c9a3-1cc7-4750-875e-d20c7f94bb78/quiz-master-next","title":"Quiz And Survey Master <= 7.3.4 - Authenticated (Administrator+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"2085c9a3-1cc7-4750-875e-d20c7f94bb78"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2085c9a3-1cc7-4750-875e-d20c7f94bb78?source=api-prod","cve":"CVE-2021-36898","affectedVersions":"<=7.3.4","severity":"high"},{"advisoryId":"WPSECADV/WF/2368e46a-022c-4829-80f1-7d010e8587ed/quiz-master-next","title":"Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker <= 10.3.4 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"2368e46a-022c-4829-80f1-7d010e8587ed"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2368e46a-022c-4829-80f1-7d010e8587ed?source=api-prod","cve":"CVE-2026-25329","affectedVersions":"<=10.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/26140315-04c7-4056-a570-865cd4ffe85e/quiz-master-next","title":"Quiz and Survey Master <= 7.0.1 - Arbitrary File Upload\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-08-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"26140315-04c7-4056-a570-865cd4ffe85e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/26140315-04c7-4056-a570-865cd4ffe85e?source=api-prod","affectedVersions":"<=7.0.1","severity":"critical"},{"advisoryId":"WPSECADV/WF/32173d38-7f85-4e0c-9b4c-38bee2783d77/quiz-master-next","title":"Quiz And Survey Master <= 8.1.15 - Cross-Site Request Forgery via 'display_results'\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"32173d38-7f85-4e0c-9b4c-38bee2783d77"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/32173d38-7f85-4e0c-9b4c-38bee2783d77?source=api-prod","affectedVersions":"<8.1.15","severity":"medium"},{"advisoryId":"WPSECADV/WF/332c0829-316d-4037-8c50-02d6c92cdb10/quiz-master-next","title":"Quiz And Survey Master <= 7.3.6 - Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"332c0829-316d-4037-8c50-02d6c92cdb10"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/332c0829-316d-4037-8c50-02d6c92cdb10?source=api-prod","cve":"CVE-2021-36906","affectedVersions":"<=7.3.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/3a17b6ad-c778-4677-b5bd-6ffc9b425ba1/quiz-master-next","title":"Quiz And Survey Master < 4.4.4 - Multiple SQL Injections\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2015-07-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"3a17b6ad-c778-4677-b5bd-6ffc9b425ba1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3a17b6ad-c778-4677-b5bd-6ffc9b425ba1?source=api-prod","affectedVersions":"<4.4.4","severity":"high"},{"advisoryId":"WPSECADV/WF/3b949792-7b04-4174-9b86-b2ad259017fa/quiz-master-next","title":"Quiz And Survey Master <= 10.3.3 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"3b949792-7b04-4174-9b86-b2ad259017fa"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3b949792-7b04-4174-9b86-b2ad259017fa?source=api-prod","cve":"CVE-2026-24358","affectedVersions":"<=10.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/3d76a21c-bb79-4183-99ea-a07c18dfa180/quiz-master-next","title":"Quiz And Survey Master <= 7.3.10 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"3d76a21c-bb79-4183-99ea-a07c18dfa180"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3d76a21c-bb79-4183-99ea-a07c18dfa180?source=api-prod","cve":"CVE-2022-40698","affectedVersions":"<=7.3.10","severity":"high"},{"advisoryId":"WPSECADV/WF/3dd6c562-3c1e-46a3-bd02-bb587d8e6c76/quiz-master-next","title":"Quiz and Survey Master <= 9.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"3dd6c562-3c1e-46a3-bd02-bb587d8e6c76"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3dd6c562-3c1e-46a3-bd02-bb587d8e6c76?source=api-prod","cve":"CVE-2024-6025","affectedVersions":"<=9.0.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/3f378797-a7a7-4691-8d37-1caef454bb4f/quiz-master-next","title":"Quiz and Survey Master <= 6.4.12 - Stored Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-07-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"3f378797-a7a7-4691-8d37-1caef454bb4f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3f378797-a7a7-4691-8d37-1caef454bb4f?source=api-prod","affectedVersions":"<=6.4.12","severity":"medium"},{"advisoryId":"WPSECADV/WF/42b77d66-8519-4e7e-b253-fefac581df4b/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 10.2.2 - Cross-Site Request Forgery to Template Creation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"42b77d66-8519-4e7e-b253-fefac581df4b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/42b77d66-8519-4e7e-b253-fefac581df4b?source=api-prod","cve":"CVE-2025-6790","affectedVersions":"<=10.2.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/44e9e7b5-6d60-4c2b-b29b-1a856dc86b41/quiz-master-next","title":"Quiz And Survey Master <= 10.3.1 - Authenticated (Subscriber+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"44e9e7b5-6d60-4c2b-b29b-1a856dc86b41"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/44e9e7b5-6d60-4c2b-b29b-1a856dc86b41?source=api-prod","cve":"CVE-2025-67987","affectedVersions":"<=10.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/47f668b0-8165-4ce8-97cc-b674e708c2eb/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 9.1.2 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"47f668b0-8165-4ce8-97cc-b674e708c2eb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/47f668b0-8165-4ce8-97cc-b674e708c2eb?source=api-prod","cve":"CVE-2024-8758","affectedVersions":"<=9.1.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/4b468c0b-88ac-4ea8-97a9-08e206faf0fb/quiz-master-next","title":"Quiz And Survey Master <= 7.1.18 - Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-06-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"4b468c0b-88ac-4ea8-97a9-08e206faf0fb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4b468c0b-88ac-4ea8-97a9-08e206faf0fb?source=api-prod","affectedVersions":"<7.1.19","severity":"medium"},{"advisoryId":"WPSECADV/WF/4c1203ce-7582-447f-b011-905b274e1e20/quiz-master-next","title":"Quiz And Survey Master <= 7.3.6 - Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-01-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"4c1203ce-7582-447f-b011-905b274e1e20"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4c1203ce-7582-447f-b011-905b274e1e20?source=api-prod","cve":"CVE-2022-0182","affectedVersions":"<=7.3.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/4cfdbf80-3733-4d5c-9bc6-01e543ee08b1/quiz-master-next","title":"Quiz And Survey Master <= 8.1.18 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"4cfdbf80-3733-4d5c-9bc6-01e543ee08b1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4cfdbf80-3733-4d5c-9bc6-01e543ee08b1?source=api-prod","cve":"CVE-2023-51521","affectedVersions":"<=8.1.18","severity":"medium"},{"advisoryId":"WPSECADV/WF/4f0025dc-a072-4e01-bea8-6e93948f00d8/quiz-master-next","title":"Quiz And Survey Master <= 6.3.4 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-11-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"4f0025dc-a072-4e01-bea8-6e93948f00d8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4f0025dc-a072-4e01-bea8-6e93948f00d8?source=api-prod","cve":"CVE-2019-17599","affectedVersions":"<=6.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/5113b58b-7d2e-40cd-8669-a5597321106f/quiz-master-next","title":"Quiz And Survey Master <= 7.3.4 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"5113b58b-7d2e-40cd-8669-a5597321106f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5113b58b-7d2e-40cd-8669-a5597321106f?source=api-prod","cve":"CVE-2021-36864","affectedVersions":"<=7.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/55895508-d0ef-4855-8d15-b8a45ba0dcb2/quiz-master-next","title":"Quiz And Survey Master <= 10.3.1 - Missing Authorization to Authenticated (Subscriber+) Quiz Results Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-05 20:13:08","sources":[{"name":"Wordfence","remoteId":"55895508-d0ef-4855-8d15-b8a45ba0dcb2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/55895508-d0ef-4855-8d15-b8a45ba0dcb2?source=api-prod","cve":"CVE-2025-9294","affectedVersions":"<=10.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/5bd58f59-09c2-417c-89ea-5906d413288c/quiz-master-next","title":"Quiz And Survey Master <= 7.1.11 - Authenticated SQL injection via shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-03-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"5bd58f59-09c2-417c-89ea-5906d413288c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5bd58f59-09c2-417c-89ea-5906d413288c?source=api-prod","cve":"CVE-2021-24221","affectedVersions":"<=7.1.11","severity":"high"},{"advisoryId":"WPSECADV/WF/5c482b6e-ce1e-46e2-8847-10c485594448/quiz-master-next","title":"Quiz And Survey Master <= 8.1.13 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"5c482b6e-ce1e-46e2-8847-10c485594448"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5c482b6e-ce1e-46e2-8847-10c485594448?source=api-prod","cve":"CVE-2023-47834","affectedVersions":"<=8.1.13","severity":"medium"},{"advisoryId":"WPSECADV/WF/64584fcd-be84-4d40-bfa8-e6131d0afd58/quiz-master-next","title":"Quiz And Survey Master <= 7.3.10 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"64584fcd-be84-4d40-bfa8-e6131d0afd58"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/64584fcd-be84-4d40-bfa8-e6131d0afd58?source=api-prod","cve":"CVE-2022-41652","affectedVersions":"<=7.3.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/68110321-db1a-4634-98cd-0afd3ec933b8/quiz-master-next","title":"Quiz And Survey Master <= 8.0.8 - Unauthenticated Arbitrary Media Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-02-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"68110321-db1a-4634-98cd-0afd3ec933b8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/68110321-db1a-4634-98cd-0afd3ec933b8?source=api-prod","cve":"CVE-2023-0291","affectedVersions":"<=8.0.8","severity":"high"},{"advisoryId":"WPSECADV/WF/6975e84e-06ab-41b1-ae39-64685a878d15/quiz-master-next","title":"Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress <= 7.3.4 - Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-09-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"6975e84e-06ab-41b1-ae39-64685a878d15"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6975e84e-06ab-41b1-ae39-64685a878d15?source=api-prod","cve":"CVE-2021-36865","affectedVersions":"<=7.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/6b8ed659-0590-411f-9017-f695c9c2f322/quiz-master-next","title":"Quiz And Survey Master <= 7.3.1 - Admin+ Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-09-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"6b8ed659-0590-411f-9017-f695c9c2f322"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6b8ed659-0590-411f-9017-f695c9c2f322?source=api-prod","cve":"CVE-2021-24691","affectedVersions":"<=7.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/7d849eda-4c61-47e2-af7c-59a57fffab65/quiz-master-next","title":"Quiz And Survey Master <= 7.3.4 - Multiple Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"7d849eda-4c61-47e2-af7c-59a57fffab65"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7d849eda-4c61-47e2-af7c-59a57fffab65?source=api-prod","cve":"CVE-2021-36905","affectedVersions":"<=7.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/80399759-88dd-478d-a20e-04e8750e12c4/quiz-master-next","title":"Quiz And Survey Master <= 8.1.10 - Excessive Quiz Attempts\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"80399759-88dd-478d-a20e-04e8750e12c4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/80399759-88dd-478d-a20e-04e8750e12c4?source=api-prod","cve":"CVE-2023-37984","affectedVersions":"<=8.1.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/82f0b4c3-d0fb-4f3c-b8aa-c5f5ce6c3f16/quiz-master-next","title":"Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker <= 11.1.2 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"82f0b4c3-d0fb-4f3c-b8aa-c5f5ce6c3f16"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/82f0b4c3-d0fb-4f3c-b8aa-c5f5ce6c3f16?source=api-prod","cve":"CVE-2026-48867","affectedVersions":"<=11.1.2","severity":"high"},{"advisoryId":"WPSECADV/WF/855a06dc-5e92-4354-b4ab-456a224e2903/quiz-master-next","title":"Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker <= 11.0.0 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"855a06dc-5e92-4354-b4ab-456a224e2903"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/855a06dc-5e92-4354-b4ab-456a224e2903?source=api-prod","cve":"CVE-2026-40787","affectedVersions":"<=11.0.0","severity":"high"},{"advisoryId":"WPSECADV/WF/88a9abf4-62a9-4695-87e7-18ff0b0075e9/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 10.3.1 - Missing Authorization to Unpublished, Private And Password-Protected Quiz Information Disclosure And Image Response Uploads\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-05 20:24:52","sources":[{"name":"Wordfence","remoteId":"88a9abf4-62a9-4695-87e7-18ff0b0075e9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/88a9abf4-62a9-4695-87e7-18ff0b0075e9?source=api-prod","cve":"CVE-2025-9637","affectedVersions":"<=10.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/88dc4a77-0d81-4d90-9a43-cc4d3055e39c/quiz-master-next","title":"Quiz And Survey Master <= 8.0.7 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"88dc4a77-0d81-4d90-9a43-cc4d3055e39c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/88dc4a77-0d81-4d90-9a43-cc4d3055e39c?source=api-prod","cve":"CVE-2022-46862","affectedVersions":"<=8.0.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/89ee5d27-9123-4fd2-94f8-4395db5663ec/quiz-master-next","title":"Quiz And Survey Master <= 8.1.16 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"89ee5d27-9123-4fd2-94f8-4395db5663ec"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/89ee5d27-9123-4fd2-94f8-4395db5663ec?source=api-prod","cve":"CVE-2023-51507","affectedVersions":"<=8.1.16","severity":"medium"},{"advisoryId":"WPSECADV/WF/9a87f0a2-42b0-4536-b4d1-83a9f6ed4262/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"9a87f0a2-42b0-4536-b4d1-83a9f6ed4262"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9a87f0a2-42b0-4536-b4d1-83a9f6ed4262?source=api-prod","cve":"CVE-2024-6879","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/9af36edd-4520-4afc-8d3a-c9a96659ddf8/quiz-master-next","title":"Quiz And Survey Master <= 8.0.10 - Cross-Site Request Forgery to Quiz Restoration\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-02-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"9af36edd-4520-4afc-8d3a-c9a96659ddf8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9af36edd-4520-4afc-8d3a-c9a96659ddf8?source=api-prod","cve":"CVE-2023-26524","affectedVersions":"<=8.0.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/9c2883e6-2a90-46c7-ba42-cc078e4d1670/quiz-master-next","title":"Quiz and Survey Master <= 7.1.13 - SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-08-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"9c2883e6-2a90-46c7-ba42-cc078e4d1670"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9c2883e6-2a90-46c7-ba42-cc078e4d1670?source=api-prod","affectedVersions":"<=7.1.13","severity":"medium"},{"advisoryId":"WPSECADV/WF/9f5cc779-c7de-42e6-a812-5c0539067b8c/quiz-master-next","title":"Quiz and Survey Master <= 8.0.4 - Improper Input Validation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"9f5cc779-c7de-42e6-a812-5c0539067b8c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9f5cc779-c7de-42e6-a812-5c0539067b8c?source=api-prod","cve":"CVE-2022-4033","affectedVersions":"<=8.0.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/a67ab966-c179-4ea6-bf8c-bc22f9b4644b/quiz-master-next","title":"Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker <= 10.3.4 - Unauthenticated Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"a67ab966-c179-4ea6-bf8c-bc22f9b4644b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a67ab966-c179-4ea6-bf8c-bc22f9b4644b?source=api-prod","cve":"CVE-2026-25324","affectedVersions":"<=10.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/b29dcd7a-a0bc-4983-85ba-6ebf2c405ceb/quiz-master-next","title":"Quiz and Survey Master <= 8.1.4 - Unauthenticated SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-04-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"b29dcd7a-a0bc-4983-85ba-6ebf2c405ceb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b29dcd7a-a0bc-4983-85ba-6ebf2c405ceb?source=api-prod","cve":"CVE-2023-28787","affectedVersions":"<=8.1.4","severity":"critical"},{"advisoryId":"WPSECADV/WF/b32bf1cb-3722-41fc-be51-dabe80416b14/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 10.3.5 - Authenticated (Contributor+) SQL Injection via 'merged_question' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-23 10:09:13","sources":[{"name":"Wordfence","remoteId":"b32bf1cb-3722-41fc-be51-dabe80416b14"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b32bf1cb-3722-41fc-be51-dabe80416b14?source=api-prod","cve":"CVE-2026-2412","affectedVersions":"<=10.3.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/b6e3fb4d-985f-4fb7-bcf1-523792d8dac6/quiz-master-next","title":"Quiz And Survey Master <= 7.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"b6e3fb4d-985f-4fb7-bcf1-523792d8dac6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b6e3fb4d-985f-4fb7-bcf1-523792d8dac6?source=api-prod","cve":"CVE-2021-36863","affectedVersions":"<=7.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/b901b3f8-8bbd-42ef-8e0c-de6d09c4950f/quiz-master-next","title":"Quiz and Survey Master <= 8.0.4 - Unauthenticated iFrame Injection via Paragraph and Short Answer\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"b901b3f8-8bbd-42ef-8e0c-de6d09c4950f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b901b3f8-8bbd-42ef-8e0c-de6d09c4950f?source=api-prod","cve":"CVE-2022-4032","affectedVersions":"<=8.0.4","severity":"high"},{"advisoryId":"WPSECADV/WF/bfd93c33-4672-4914-b052-7bea283ef60c/quiz-master-next","title":"Quiz and Survey Master <= 7.0.0 - Arbitrary File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-08-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"bfd93c33-4672-4914-b052-7bea283ef60c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bfd93c33-4672-4914-b052-7bea283ef60c?source=api-prod","cve":"CVE-2020-35949","affectedVersions":"<7.0.1","severity":"critical"},{"advisoryId":"WPSECADV/WF/c75e6d27-7f6b-4bec-b653-c2024504f427/quiz-master-next","title":"Quiz And Survey Master <= 8.0.8 - Cross-Site Request Forgery to Arbitrary Media Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-02-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"c75e6d27-7f6b-4bec-b653-c2024504f427"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c75e6d27-7f6b-4bec-b653-c2024504f427?source=api-prod","cve":"CVE-2023-0292","affectedVersions":"<=8.0.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/c829894f-05b8-4c65-9f3a-3a5d6e212cde/quiz-master-next","title":"Quiz And Survey Master <= 7.3.10 - Cross-Site Request Forgery\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"c829894f-05b8-4c65-9f3a-3a5d6e212cde"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c829894f-05b8-4c65-9f3a-3a5d6e212cde?source=api-prod","affectedVersions":"<=7.3.10","severity":"high"},{"advisoryId":"WPSECADV/WF/d230b781-e208-4e66-b8ed-aba72db8d8dc/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 11.1.2 - Authenticated (Admin+) SQL Injection via 'order' and 'limit' Parameters\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-05 10:44:40","sources":[{"name":"Wordfence","remoteId":"d230b781-e208-4e66-b8ed-aba72db8d8dc"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d230b781-e208-4e66-b8ed-aba72db8d8dc?source=api-prod","cve":"CVE-2026-6448","affectedVersions":"<=11.1.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/d5ef3350-3eec-48b7-9241-5d2ce25555f0/quiz-master-next","title":"Quiz And Survey Master <= 7.1.17 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-06-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"d5ef3350-3eec-48b7-9241-5d2ce25555f0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d5ef3350-3eec-48b7-9241-5d2ce25555f0?source=api-prod","cve":"CVE-2021-24368","affectedVersions":"<=7.1.17","severity":"medium"},{"advisoryId":"WPSECADV/WF/d94bcbf7-c20e-4b04-b4de-f68f9a793b73/quiz-master-next","title":"Quiz And Survey Master <= 6.2.1 - Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-03-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"d94bcbf7-c20e-4b04-b4de-f68f9a793b73"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d94bcbf7-c20e-4b04-b4de-f68f9a793b73?source=api-prod","cve":"CVE-2019-9575","affectedVersions":"<=6.2.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/e31d8218-5e04-44a1-89aa-f93e9677680b/quiz-master-next","title":"Quiz And Survey Master <= 8.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"e31d8218-5e04-44a1-89aa-f93e9677680b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e31d8218-5e04-44a1-89aa-f93e9677680b?source=api-prod","cve":"CVE-2024-27966","affectedVersions":"<=8.2.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/e6524e66-5bd1-4616-8185-c0501a09893e/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 10.3.1 - Authenticated (Subscriber+) SQL Injection via `is_linking` Query Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-05 20:24:00","sources":[{"name":"Wordfence","remoteId":"e6524e66-5bd1-4616-8185-c0501a09893e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e6524e66-5bd1-4616-8185-c0501a09893e?source=api-prod","cve":"CVE-2025-9318","affectedVersions":"<=10.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/e8e6ee6f-b918-4a8c-82ea-4761f2bcbc43/quiz-master-next","title":"Quiz And Survey Master <= 10.3.2 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"e8e6ee6f-b918-4a8c-82ea-4761f2bcbc43"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e8e6ee6f-b918-4a8c-82ea-4761f2bcbc43?source=api-prod","cve":"CVE-2025-63054","affectedVersions":"<=10.3.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/eaa4b7b9-ea5b-46a1-847e-027bcb1fa5a6/quiz-master-next","title":"Quiz And Survey Master <= 7.3.10 - Sensitive Information Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"eaa4b7b9-ea5b-46a1-847e-027bcb1fa5a6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/eaa4b7b9-ea5b-46a1-847e-027bcb1fa5a6?source=api-prod","cve":"CVE-2022-42883","affectedVersions":"<=7.3.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/ececa0ea-3d44-4b1b-b962-809a8b24c890/quiz-master-next","title":"Quiz And Survey Master <= 4.7.8 - Cross-Site Request Forgery to Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2016-12-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"ececa0ea-3d44-4b1b-b962-809a8b24c890"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ececa0ea-3d44-4b1b-b962-809a8b24c890?source=api-prod","cve":"CVE-2016-11085","affectedVersions":"<4.7.9","severity":"high"},{"advisoryId":"WPSECADV/WF/f2aa33cc-c1c4-42d4-9c2f-54648426ee4b/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 11.1.0 - Unauthenticated Shortcode Injection Leading to Arbitrary Quiz Result Disclosure via Quiz Answer Text Input Fields\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-16 16:42:59","sources":[{"name":"Wordfence","remoteId":"f2aa33cc-c1c4-42d4-9c2f-54648426ee4b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f2aa33cc-c1c4-42d4-9c2f-54648426ee4b?source=api-prod","cve":"CVE-2026-5797","affectedVersions":"<=10.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/f2c88c5a-ea87-4aab-a0ce-8246e5cb540a/quiz-master-next","title":"Quiz And Survey Master <= 7.3.6 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-01-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"f2c88c5a-ea87-4aab-a0ce-8246e5cb540a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f2c88c5a-ea87-4aab-a0ce-8246e5cb540a?source=api-prod","cve":"CVE-2022-0180","affectedVersions":"<=7.3.5","severity":"high"},{"advisoryId":"WPSECADV/WF/f3022556-3c37-45d7-809a-4e991ad9e0ea/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 9.2.0 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"f3022556-3c37-45d7-809a-4e991ad9e0ea"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f3022556-3c37-45d7-809a-4e991ad9e0ea?source=api-prod","cve":"CVE-2024-10679","affectedVersions":"<=9.2.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/f55a9d35-596c-4207-be11-ade1127df369/quiz-master-next","title":"Quiz And Survey Master <= 7.3.6 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-01-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"f55a9d35-596c-4207-be11-ade1127df369"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f55a9d35-596c-4207-be11-ade1127df369?source=api-prod","cve":"CVE-2022-0181","affectedVersions":"<=7.3.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/f89737cf-90f0-4d85-a7b3-f633047eb93c/quiz-master-next","title":"Quiz And Survey Master <= 10.2.4 - Authenticated (Contributor+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-08-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"f89737cf-90f0-4d85-a7b3-f633047eb93c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f89737cf-90f0-4d85-a7b3-f633047eb93c?source=api-prod","cve":"CVE-2025-55708","affectedVersions":"<=10.2.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/fa25e1d2-65eb-450a-967b-3c003fea3464/quiz-master-next","title":"Quiz and Survey Master <= 9.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-07-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"fa25e1d2-65eb-450a-967b-3c003fea3464"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fa25e1d2-65eb-450a-967b-3c003fea3464?source=api-prod","cve":"CVE-2024-6390","affectedVersions":"<=9.0.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/fc085413-db43-43e3-9b60-aeb341eed4e1/quiz-master-next","title":"Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress <= 9.0.1 - Authenticated (Contributor+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"fc085413-db43-43e3-9b60-aeb341eed4e1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fc085413-db43-43e3-9b60-aeb341eed4e1?source=api-prod","cve":"CVE-2024-3592","affectedVersions":"<=9.0.1","severity":"critical"},{"advisoryId":"WPSECADV/WF/fca4040d-3c6c-4e31-9bed-d1b6bf5b2bed/quiz-master-next","title":"Quiz and Survey Master <= 7.1.13 - Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-09-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"fca4040d-3c6c-4e31-9bed-d1b6bf5b2bed"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fca4040d-3c6c-4e31-9bed-d1b6bf5b2bed?source=api-prod","cve":"CVE-2021-20792","affectedVersions":"<=7.1.13","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/0e087ed4-6f40-4a00-9cdb-1453ac298188/quiz-master-next","title":"Quiz And Survey Master <= 10.2.5 - Unauthenticated PHP Object Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"0e087ed4-6f40-4a00-9cdb-1453ac298188"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0e087ed4-6f40-4a00-9cdb-1453ac298188?source=api-prod","cve":"CVE-2025-49401","affectedVersions":"<=10.2.5","severity":"high"},{"advisoryId":"WPSECADV/WF/10b47054-29cc-4859-bdfc-4dde1437c037/quiz-master-next","title":"Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker <= 9.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"10b47054-29cc-4859-bdfc-4dde1437c037"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/10b47054-29cc-4859-bdfc-4dde1437c037?source=api-prod","cve":"CVE-2024-4934","affectedVersions":"<=9.0.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/18458883-6cca-46d1-8437-4e646f4eafda/quiz-master-next","title":"Quiz and Survey Master <= 7.0.0 - Unauthenticated Arbitrary File Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-08-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"18458883-6cca-46d1-8437-4e646f4eafda"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/18458883-6cca-46d1-8437-4e646f4eafda?source=api-prod","cve":"CVE-2020-35951","affectedVersions":"<7.0.1","severity":"high"},{"advisoryId":"WPSECADV/WF/19cb39d4-f2b4-4f94-8896-ba714567e1ed/quiz-master-next","title":"Quiz And Survey Master <= 8.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Question Title\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"19cb39d4-f2b4-4f94-8896-ba714567e1ed"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/19cb39d4-f2b4-4f94-8896-ba714567e1ed?source=api-prod","cve":"CVE-2023-3575","affectedVersions":"<=8.1.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/2085c9a3-1cc7-4750-875e-d20c7f94bb78/quiz-master-next","title":"Quiz And Survey Master <= 7.3.4 - Authenticated (Administrator+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"2085c9a3-1cc7-4750-875e-d20c7f94bb78"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2085c9a3-1cc7-4750-875e-d20c7f94bb78?source=api-prod","cve":"CVE-2021-36898","affectedVersions":"<=7.3.4","severity":"high"},{"advisoryId":"WPSECADV/WF/2368e46a-022c-4829-80f1-7d010e8587ed/quiz-master-next","title":"Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker <= 10.3.4 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"2368e46a-022c-4829-80f1-7d010e8587ed"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2368e46a-022c-4829-80f1-7d010e8587ed?source=api-prod","cve":"CVE-2026-25329","affectedVersions":"<=10.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/26140315-04c7-4056-a570-865cd4ffe85e/quiz-master-next","title":"Quiz and Survey Master <= 7.0.1 - Arbitrary File Upload\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-08-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"26140315-04c7-4056-a570-865cd4ffe85e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/26140315-04c7-4056-a570-865cd4ffe85e?source=api-prod","affectedVersions":"<=7.0.1","severity":"critical"},{"advisoryId":"WPSECADV/WF/32173d38-7f85-4e0c-9b4c-38bee2783d77/quiz-master-next","title":"Quiz And Survey Master <= 8.1.15 - Cross-Site Request Forgery via 'display_results'\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-09-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"32173d38-7f85-4e0c-9b4c-38bee2783d77"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/32173d38-7f85-4e0c-9b4c-38bee2783d77?source=api-prod","affectedVersions":"<8.1.15","severity":"medium"},{"advisoryId":"WPSECADV/WF/332c0829-316d-4037-8c50-02d6c92cdb10/quiz-master-next","title":"Quiz And Survey Master <= 7.3.6 - Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"332c0829-316d-4037-8c50-02d6c92cdb10"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/332c0829-316d-4037-8c50-02d6c92cdb10?source=api-prod","cve":"CVE-2021-36906","affectedVersions":"<=7.3.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/38db911b-cad5-4c8c-b0a4-70dc543b4591/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 11.1.4 - Missing Authorization to Authenticated (Contributor+) Arbitrary Modification via qsm_insert_quiz_template AJAX Action\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-26 17:57:43","sources":[{"name":"Wordfence","remoteId":"38db911b-cad5-4c8c-b0a4-70dc543b4591"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/38db911b-cad5-4c8c-b0a4-70dc543b4591?source=api-prod","cve":"CVE-2026-9233","affectedVersions":"<=11.1.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/3a17b6ad-c778-4677-b5bd-6ffc9b425ba1/quiz-master-next","title":"Quiz And Survey Master < 4.4.4 - Multiple SQL Injections\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2015-07-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"3a17b6ad-c778-4677-b5bd-6ffc9b425ba1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3a17b6ad-c778-4677-b5bd-6ffc9b425ba1?source=api-prod","affectedVersions":"<4.4.4","severity":"high"},{"advisoryId":"WPSECADV/WF/3b949792-7b04-4174-9b86-b2ad259017fa/quiz-master-next","title":"Quiz And Survey Master <= 10.3.3 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"3b949792-7b04-4174-9b86-b2ad259017fa"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3b949792-7b04-4174-9b86-b2ad259017fa?source=api-prod","cve":"CVE-2026-24358","affectedVersions":"<=10.3.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/3d76a21c-bb79-4183-99ea-a07c18dfa180/quiz-master-next","title":"Quiz And Survey Master <= 7.3.10 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"3d76a21c-bb79-4183-99ea-a07c18dfa180"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3d76a21c-bb79-4183-99ea-a07c18dfa180?source=api-prod","cve":"CVE-2022-40698","affectedVersions":"<=7.3.10","severity":"high"},{"advisoryId":"WPSECADV/WF/3dd6c562-3c1e-46a3-bd02-bb587d8e6c76/quiz-master-next","title":"Quiz and Survey Master <= 9.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"3dd6c562-3c1e-46a3-bd02-bb587d8e6c76"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3dd6c562-3c1e-46a3-bd02-bb587d8e6c76?source=api-prod","cve":"CVE-2024-6025","affectedVersions":"<=9.0.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/3f378797-a7a7-4691-8d37-1caef454bb4f/quiz-master-next","title":"Quiz and Survey Master <= 6.4.12 - Stored Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-07-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"3f378797-a7a7-4691-8d37-1caef454bb4f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/3f378797-a7a7-4691-8d37-1caef454bb4f?source=api-prod","affectedVersions":"<=6.4.12","severity":"medium"},{"advisoryId":"WPSECADV/WF/42b77d66-8519-4e7e-b253-fefac581df4b/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 10.2.2 - Cross-Site Request Forgery to Template Creation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-07-24 00:00:00","sources":[{"name":"Wordfence","remoteId":"42b77d66-8519-4e7e-b253-fefac581df4b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/42b77d66-8519-4e7e-b253-fefac581df4b?source=api-prod","cve":"CVE-2025-6790","affectedVersions":"<=10.2.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/44e9e7b5-6d60-4c2b-b29b-1a856dc86b41/quiz-master-next","title":"Quiz And Survey Master <= 10.3.1 - Authenticated (Subscriber+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"44e9e7b5-6d60-4c2b-b29b-1a856dc86b41"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/44e9e7b5-6d60-4c2b-b29b-1a856dc86b41?source=api-prod","cve":"CVE-2025-67987","affectedVersions":"<=10.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/47f668b0-8165-4ce8-97cc-b674e708c2eb/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 9.1.2 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-09-02 00:00:00","sources":[{"name":"Wordfence","remoteId":"47f668b0-8165-4ce8-97cc-b674e708c2eb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/47f668b0-8165-4ce8-97cc-b674e708c2eb?source=api-prod","cve":"CVE-2024-8758","affectedVersions":"<=9.1.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/4b468c0b-88ac-4ea8-97a9-08e206faf0fb/quiz-master-next","title":"Quiz And Survey Master <= 7.1.18 - Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-06-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"4b468c0b-88ac-4ea8-97a9-08e206faf0fb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4b468c0b-88ac-4ea8-97a9-08e206faf0fb?source=api-prod","affectedVersions":"<7.1.19","severity":"medium"},{"advisoryId":"WPSECADV/WF/4c1203ce-7582-447f-b011-905b274e1e20/quiz-master-next","title":"Quiz And Survey Master <= 7.3.6 - Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-01-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"4c1203ce-7582-447f-b011-905b274e1e20"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4c1203ce-7582-447f-b011-905b274e1e20?source=api-prod","cve":"CVE-2022-0182","affectedVersions":"<=7.3.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/4cfdbf80-3733-4d5c-9bc6-01e543ee08b1/quiz-master-next","title":"Quiz And Survey Master <= 8.1.18 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"4cfdbf80-3733-4d5c-9bc6-01e543ee08b1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4cfdbf80-3733-4d5c-9bc6-01e543ee08b1?source=api-prod","cve":"CVE-2023-51521","affectedVersions":"<=8.1.18","severity":"medium"},{"advisoryId":"WPSECADV/WF/4f0025dc-a072-4e01-bea8-6e93948f00d8/quiz-master-next","title":"Quiz And Survey Master <= 6.3.4 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-11-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"4f0025dc-a072-4e01-bea8-6e93948f00d8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4f0025dc-a072-4e01-bea8-6e93948f00d8?source=api-prod","cve":"CVE-2019-17599","affectedVersions":"<=6.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/5113b58b-7d2e-40cd-8669-a5597321106f/quiz-master-next","title":"Quiz And Survey Master <= 7.3.4 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"5113b58b-7d2e-40cd-8669-a5597321106f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5113b58b-7d2e-40cd-8669-a5597321106f?source=api-prod","cve":"CVE-2021-36864","affectedVersions":"<=7.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/55895508-d0ef-4855-8d15-b8a45ba0dcb2/quiz-master-next","title":"Quiz And Survey Master <= 10.3.1 - Missing Authorization to Authenticated (Subscriber+) Quiz Results Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-05 20:13:08","sources":[{"name":"Wordfence","remoteId":"55895508-d0ef-4855-8d15-b8a45ba0dcb2"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/55895508-d0ef-4855-8d15-b8a45ba0dcb2?source=api-prod","cve":"CVE-2025-9294","affectedVersions":"<=10.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/5bd58f59-09c2-417c-89ea-5906d413288c/quiz-master-next","title":"Quiz And Survey Master <= 7.1.11 - Authenticated SQL injection via shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-03-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"5bd58f59-09c2-417c-89ea-5906d413288c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5bd58f59-09c2-417c-89ea-5906d413288c?source=api-prod","cve":"CVE-2021-24221","affectedVersions":"<=7.1.11","severity":"high"},{"advisoryId":"WPSECADV/WF/5c482b6e-ce1e-46e2-8847-10c485594448/quiz-master-next","title":"Quiz And Survey Master <= 8.1.13 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"5c482b6e-ce1e-46e2-8847-10c485594448"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5c482b6e-ce1e-46e2-8847-10c485594448?source=api-prod","cve":"CVE-2023-47834","affectedVersions":"<=8.1.13","severity":"medium"},{"advisoryId":"WPSECADV/WF/64584fcd-be84-4d40-bfa8-e6131d0afd58/quiz-master-next","title":"Quiz And Survey Master <= 7.3.10 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"64584fcd-be84-4d40-bfa8-e6131d0afd58"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/64584fcd-be84-4d40-bfa8-e6131d0afd58?source=api-prod","cve":"CVE-2022-41652","affectedVersions":"<=7.3.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/68110321-db1a-4634-98cd-0afd3ec933b8/quiz-master-next","title":"Quiz And Survey Master <= 8.0.8 - Unauthenticated Arbitrary Media Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-02-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"68110321-db1a-4634-98cd-0afd3ec933b8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/68110321-db1a-4634-98cd-0afd3ec933b8?source=api-prod","cve":"CVE-2023-0291","affectedVersions":"<=8.0.8","severity":"high"},{"advisoryId":"WPSECADV/WF/6975e84e-06ab-41b1-ae39-64685a878d15/quiz-master-next","title":"Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress <= 7.3.4 - Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-09-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"6975e84e-06ab-41b1-ae39-64685a878d15"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6975e84e-06ab-41b1-ae39-64685a878d15?source=api-prod","cve":"CVE-2021-36865","affectedVersions":"<=7.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/6b8ed659-0590-411f-9017-f695c9c2f322/quiz-master-next","title":"Quiz And Survey Master <= 7.3.1 - Admin+ Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-09-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"6b8ed659-0590-411f-9017-f695c9c2f322"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6b8ed659-0590-411f-9017-f695c9c2f322?source=api-prod","cve":"CVE-2021-24691","affectedVersions":"<=7.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/7d849eda-4c61-47e2-af7c-59a57fffab65/quiz-master-next","title":"Quiz And Survey Master <= 7.3.4 - Multiple Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"7d849eda-4c61-47e2-af7c-59a57fffab65"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7d849eda-4c61-47e2-af7c-59a57fffab65?source=api-prod","cve":"CVE-2021-36905","affectedVersions":"<=7.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/80399759-88dd-478d-a20e-04e8750e12c4/quiz-master-next","title":"Quiz And Survey Master <= 8.1.10 - Excessive Quiz Attempts\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"80399759-88dd-478d-a20e-04e8750e12c4"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/80399759-88dd-478d-a20e-04e8750e12c4?source=api-prod","cve":"CVE-2023-37984","affectedVersions":"<=8.1.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/82f0b4c3-d0fb-4f3c-b8aa-c5f5ce6c3f16/quiz-master-next","title":"Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker <= 11.1.2 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"82f0b4c3-d0fb-4f3c-b8aa-c5f5ce6c3f16"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/82f0b4c3-d0fb-4f3c-b8aa-c5f5ce6c3f16?source=api-prod","cve":"CVE-2026-48867","affectedVersions":"<=11.1.2","severity":"high"},{"advisoryId":"WPSECADV/WF/855a06dc-5e92-4354-b4ab-456a224e2903/quiz-master-next","title":"Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker <= 11.0.0 - Unauthenticated Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"855a06dc-5e92-4354-b4ab-456a224e2903"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/855a06dc-5e92-4354-b4ab-456a224e2903?source=api-prod","cve":"CVE-2026-40787","affectedVersions":"<=11.0.0","severity":"high"},{"advisoryId":"WPSECADV/WF/88a9abf4-62a9-4695-87e7-18ff0b0075e9/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 10.3.1 - Missing Authorization to Unpublished, Private And Password-Protected Quiz Information Disclosure And Image Response Uploads\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-05 20:24:52","sources":[{"name":"Wordfence","remoteId":"88a9abf4-62a9-4695-87e7-18ff0b0075e9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/88a9abf4-62a9-4695-87e7-18ff0b0075e9?source=api-prod","cve":"CVE-2025-9637","affectedVersions":"<=10.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/88dc4a77-0d81-4d90-9a43-cc4d3055e39c/quiz-master-next","title":"Quiz And Survey Master <= 8.0.7 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-12-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"88dc4a77-0d81-4d90-9a43-cc4d3055e39c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/88dc4a77-0d81-4d90-9a43-cc4d3055e39c?source=api-prod","cve":"CVE-2022-46862","affectedVersions":"<=8.0.7","severity":"medium"},{"advisoryId":"WPSECADV/WF/89ee5d27-9123-4fd2-94f8-4395db5663ec/quiz-master-next","title":"Quiz And Survey Master <= 8.1.16 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-12-27 00:00:00","sources":[{"name":"Wordfence","remoteId":"89ee5d27-9123-4fd2-94f8-4395db5663ec"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/89ee5d27-9123-4fd2-94f8-4395db5663ec?source=api-prod","cve":"CVE-2023-51507","affectedVersions":"<=8.1.16","severity":"medium"},{"advisoryId":"WPSECADV/WF/9a87f0a2-42b0-4536-b4d1-83a9f6ed4262/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-08-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"9a87f0a2-42b0-4536-b4d1-83a9f6ed4262"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9a87f0a2-42b0-4536-b4d1-83a9f6ed4262?source=api-prod","cve":"CVE-2024-6879","affectedVersions":"<=9.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/9af36edd-4520-4afc-8d3a-c9a96659ddf8/quiz-master-next","title":"Quiz And Survey Master <= 8.0.10 - Cross-Site Request Forgery to Quiz Restoration\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-02-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"9af36edd-4520-4afc-8d3a-c9a96659ddf8"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9af36edd-4520-4afc-8d3a-c9a96659ddf8?source=api-prod","cve":"CVE-2023-26524","affectedVersions":"<=8.0.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/9c2883e6-2a90-46c7-ba42-cc078e4d1670/quiz-master-next","title":"Quiz and Survey Master <= 7.1.13 - SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-08-10 00:00:00","sources":[{"name":"Wordfence","remoteId":"9c2883e6-2a90-46c7-ba42-cc078e4d1670"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9c2883e6-2a90-46c7-ba42-cc078e4d1670?source=api-prod","affectedVersions":"<=7.1.13","severity":"medium"},{"advisoryId":"WPSECADV/WF/9f5cc779-c7de-42e6-a812-5c0539067b8c/quiz-master-next","title":"Quiz and Survey Master <= 8.0.4 - Improper Input Validation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"9f5cc779-c7de-42e6-a812-5c0539067b8c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/9f5cc779-c7de-42e6-a812-5c0539067b8c?source=api-prod","cve":"CVE-2022-4033","affectedVersions":"<=8.0.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/a67ab966-c179-4ea6-bf8c-bc22f9b4644b/quiz-master-next","title":"Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker <= 10.3.4 - Unauthenticated Insecure Direct Object Reference\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-02-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"a67ab966-c179-4ea6-bf8c-bc22f9b4644b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a67ab966-c179-4ea6-bf8c-bc22f9b4644b?source=api-prod","cve":"CVE-2026-25324","affectedVersions":"<=10.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/b29dcd7a-a0bc-4983-85ba-6ebf2c405ceb/quiz-master-next","title":"Quiz and Survey Master <= 8.1.4 - Unauthenticated SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-04-16 00:00:00","sources":[{"name":"Wordfence","remoteId":"b29dcd7a-a0bc-4983-85ba-6ebf2c405ceb"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b29dcd7a-a0bc-4983-85ba-6ebf2c405ceb?source=api-prod","cve":"CVE-2023-28787","affectedVersions":"<=8.1.4","severity":"critical"},{"advisoryId":"WPSECADV/WF/b32bf1cb-3722-41fc-be51-dabe80416b14/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 10.3.5 - Authenticated (Contributor+) SQL Injection via 'merged_question' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-23 10:09:13","sources":[{"name":"Wordfence","remoteId":"b32bf1cb-3722-41fc-be51-dabe80416b14"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b32bf1cb-3722-41fc-be51-dabe80416b14?source=api-prod","cve":"CVE-2026-2412","affectedVersions":"<=10.3.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/b6e3fb4d-985f-4fb7-bcf1-523792d8dac6/quiz-master-next","title":"Quiz And Survey Master <= 7.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"b6e3fb4d-985f-4fb7-bcf1-523792d8dac6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b6e3fb4d-985f-4fb7-bcf1-523792d8dac6?source=api-prod","cve":"CVE-2021-36863","affectedVersions":"<=7.3.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/b901b3f8-8bbd-42ef-8e0c-de6d09c4950f/quiz-master-next","title":"Quiz and Survey Master <= 8.0.4 - Unauthenticated iFrame Injection via Paragraph and Short Answer\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-11-29 00:00:00","sources":[{"name":"Wordfence","remoteId":"b901b3f8-8bbd-42ef-8e0c-de6d09c4950f"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b901b3f8-8bbd-42ef-8e0c-de6d09c4950f?source=api-prod","cve":"CVE-2022-4032","affectedVersions":"<=8.0.4","severity":"high"},{"advisoryId":"WPSECADV/WF/bfd93c33-4672-4914-b052-7bea283ef60c/quiz-master-next","title":"Quiz and Survey Master <= 7.0.0 - Arbitrary File Upload\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-08-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"bfd93c33-4672-4914-b052-7bea283ef60c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bfd93c33-4672-4914-b052-7bea283ef60c?source=api-prod","cve":"CVE-2020-35949","affectedVersions":"<7.0.1","severity":"critical"},{"advisoryId":"WPSECADV/WF/c75e6d27-7f6b-4bec-b653-c2024504f427/quiz-master-next","title":"Quiz And Survey Master <= 8.0.8 - Cross-Site Request Forgery to Arbitrary Media Deletion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-02-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"c75e6d27-7f6b-4bec-b653-c2024504f427"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c75e6d27-7f6b-4bec-b653-c2024504f427?source=api-prod","cve":"CVE-2023-0292","affectedVersions":"<=8.0.8","severity":"medium"},{"advisoryId":"WPSECADV/WF/c829894f-05b8-4c65-9f3a-3a5d6e212cde/quiz-master-next","title":"Quiz And Survey Master <= 7.3.10 - Cross-Site Request Forgery\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-23 00:00:00","sources":[{"name":"Wordfence","remoteId":"c829894f-05b8-4c65-9f3a-3a5d6e212cde"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c829894f-05b8-4c65-9f3a-3a5d6e212cde?source=api-prod","affectedVersions":"<=7.3.10","severity":"high"},{"advisoryId":"WPSECADV/WF/d230b781-e208-4e66-b8ed-aba72db8d8dc/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 11.1.2 - Authenticated (Admin+) SQL Injection via 'order' and 'limit' Parameters\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-05 10:44:40","sources":[{"name":"Wordfence","remoteId":"d230b781-e208-4e66-b8ed-aba72db8d8dc"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d230b781-e208-4e66-b8ed-aba72db8d8dc?source=api-prod","cve":"CVE-2026-6448","affectedVersions":"<=11.1.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/d5ef3350-3eec-48b7-9241-5d2ce25555f0/quiz-master-next","title":"Quiz And Survey Master <= 7.1.17 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-06-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"d5ef3350-3eec-48b7-9241-5d2ce25555f0"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d5ef3350-3eec-48b7-9241-5d2ce25555f0?source=api-prod","cve":"CVE-2021-24368","affectedVersions":"<=7.1.17","severity":"medium"},{"advisoryId":"WPSECADV/WF/d94bcbf7-c20e-4b04-b4de-f68f9a793b73/quiz-master-next","title":"Quiz And Survey Master <= 6.2.1 - Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2019-03-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"d94bcbf7-c20e-4b04-b4de-f68f9a793b73"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d94bcbf7-c20e-4b04-b4de-f68f9a793b73?source=api-prod","cve":"CVE-2019-9575","affectedVersions":"<=6.2.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/e31d8218-5e04-44a1-89aa-f93e9677680b/quiz-master-next","title":"Quiz And Survey Master <= 8.2.2 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"e31d8218-5e04-44a1-89aa-f93e9677680b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e31d8218-5e04-44a1-89aa-f93e9677680b?source=api-prod","cve":"CVE-2024-27966","affectedVersions":"<=8.2.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/e6524e66-5bd1-4616-8185-c0501a09893e/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 10.3.1 - Authenticated (Subscriber+) SQL Injection via `is_linking` Query Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-01-05 20:24:00","sources":[{"name":"Wordfence","remoteId":"e6524e66-5bd1-4616-8185-c0501a09893e"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e6524e66-5bd1-4616-8185-c0501a09893e?source=api-prod","cve":"CVE-2025-9318","affectedVersions":"<=10.3.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/e8e6ee6f-b918-4a8c-82ea-4761f2bcbc43/quiz-master-next","title":"Quiz And Survey Master <= 10.3.2 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-11-30 00:00:00","sources":[{"name":"Wordfence","remoteId":"e8e6ee6f-b918-4a8c-82ea-4761f2bcbc43"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e8e6ee6f-b918-4a8c-82ea-4761f2bcbc43?source=api-prod","cve":"CVE-2025-63054","affectedVersions":"<=10.3.2","severity":"medium"},{"advisoryId":"WPSECADV/WF/eaa4b7b9-ea5b-46a1-847e-027bcb1fa5a6/quiz-master-next","title":"Quiz And Survey Master <= 7.3.10 - Sensitive Information Disclosure\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-10-21 00:00:00","sources":[{"name":"Wordfence","remoteId":"eaa4b7b9-ea5b-46a1-847e-027bcb1fa5a6"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/eaa4b7b9-ea5b-46a1-847e-027bcb1fa5a6?source=api-prod","cve":"CVE-2022-42883","affectedVersions":"<=7.3.10","severity":"medium"},{"advisoryId":"WPSECADV/WF/ececa0ea-3d44-4b1b-b962-809a8b24c890/quiz-master-next","title":"Quiz And Survey Master <= 4.7.8 - Cross-Site Request Forgery to Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2016-12-15 00:00:00","sources":[{"name":"Wordfence","remoteId":"ececa0ea-3d44-4b1b-b962-809a8b24c890"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ececa0ea-3d44-4b1b-b962-809a8b24c890?source=api-prod","cve":"CVE-2016-11085","affectedVersions":"<4.7.9","severity":"high"},{"advisoryId":"WPSECADV/WF/f2aa33cc-c1c4-42d4-9c2f-54648426ee4b/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 11.1.0 - Unauthenticated Shortcode Injection Leading to Arbitrary Quiz Result Disclosure via Quiz Answer Text Input Fields\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-04-16 16:42:59","sources":[{"name":"Wordfence","remoteId":"f2aa33cc-c1c4-42d4-9c2f-54648426ee4b"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f2aa33cc-c1c4-42d4-9c2f-54648426ee4b?source=api-prod","cve":"CVE-2026-5797","affectedVersions":"<=10.1.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/f2c88c5a-ea87-4aab-a0ce-8246e5cb540a/quiz-master-next","title":"Quiz And Survey Master <= 7.3.6 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-01-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"f2c88c5a-ea87-4aab-a0ce-8246e5cb540a"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f2c88c5a-ea87-4aab-a0ce-8246e5cb540a?source=api-prod","cve":"CVE-2022-0180","affectedVersions":"<=7.3.5","severity":"high"},{"advisoryId":"WPSECADV/WF/f3022556-3c37-45d7-809a-4e991ad9e0ea/quiz-master-next","title":"Quiz and Survey Master (QSM) <= 9.2.0 - Authenticated (Admin+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-03-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"f3022556-3c37-45d7-809a-4e991ad9e0ea"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f3022556-3c37-45d7-809a-4e991ad9e0ea?source=api-prod","cve":"CVE-2024-10679","affectedVersions":"<=9.2.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/f55a9d35-596c-4207-be11-ade1127df369/quiz-master-next","title":"Quiz And Survey Master <= 7.3.6 - Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2022-01-12 00:00:00","sources":[{"name":"Wordfence","remoteId":"f55a9d35-596c-4207-be11-ade1127df369"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f55a9d35-596c-4207-be11-ade1127df369?source=api-prod","cve":"CVE-2022-0181","affectedVersions":"<=7.3.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/f89737cf-90f0-4d85-a7b3-f633047eb93c/quiz-master-next","title":"Quiz And Survey Master <= 10.2.4 - Authenticated (Contributor+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-08-14 00:00:00","sources":[{"name":"Wordfence","remoteId":"f89737cf-90f0-4d85-a7b3-f633047eb93c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f89737cf-90f0-4d85-a7b3-f633047eb93c?source=api-prod","cve":"CVE-2025-55708","affectedVersions":"<=10.2.4","severity":"medium"},{"advisoryId":"WPSECADV/WF/fa25e1d2-65eb-450a-967b-3c003fea3464/quiz-master-next","title":"Quiz and Survey Master <= 9.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-07-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"fa25e1d2-65eb-450a-967b-3c003fea3464"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fa25e1d2-65eb-450a-967b-3c003fea3464?source=api-prod","cve":"CVE-2024-6390","affectedVersions":"<=9.0.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/fc085413-db43-43e3-9b60-aeb341eed4e1/quiz-master-next","title":"Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress <= 9.0.1 - Authenticated (Contributor+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-06-06 00:00:00","sources":[{"name":"Wordfence","remoteId":"fc085413-db43-43e3-9b60-aeb341eed4e1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fc085413-db43-43e3-9b60-aeb341eed4e1?source=api-prod","cve":"CVE-2024-3592","affectedVersions":"<=9.0.1","severity":"critical"},{"advisoryId":"WPSECADV/WF/fca4040d-3c6c-4e31-9bed-d1b6bf5b2bed/quiz-master-next","title":"Quiz and Survey Master <= 7.1.13 - Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2021-09-13 00:00:00","sources":[{"name":"Wordfence","remoteId":"fca4040d-3c6c-4e31-9bed-d1b6bf5b2bed"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fca4040d-3c6c-4e31-9bed-d1b6bf5b2bed?source=api-prod","cve":"CVE-2021-20792","affectedVersions":"<=7.1.13","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_7265657061792d636865636b6f75742d67617465776179811c9dc5_gen.json b/internal/data/assets/plugin_7265657061792d636865636b6f75742d67617465776179811c9dc5_gen.json index fa740b9f..1f52000f 100644 --- a/internal/data/assets/plugin_7265657061792d636865636b6f75742d67617465776179811c9dc5_gen.json +++ b/internal/data/assets/plugin_7265657061792d636865636b6f75742d67617465776179811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/a1825e57-b59f-4c57-8008-640717e05eb3/reepay-checkout-gateway","title":"Frisbii Pay <= 1.8.2.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"a1825e57-b59f-4c57-8008-640717e05eb3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a1825e57-b59f-4c57-8008-640717e05eb3?source=api-prod","cve":"CVE-2025-58616","affectedVersions":"<=1.8.2.1","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/a1825e57-b59f-4c57-8008-640717e05eb3/reepay-checkout-gateway","title":"Frisbii Pay <= 1.8.2.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-03 00:00:00","sources":[{"name":"Wordfence","remoteId":"a1825e57-b59f-4c57-8008-640717e05eb3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a1825e57-b59f-4c57-8008-640717e05eb3?source=api-prod","cve":"CVE-2025-58616","affectedVersions":"<=1.8.2.1","severity":"medium"},{"advisoryId":"WPSECADV/WF/cf1ca22a-7fb6-457c-bde0-83f6744185be/reepay-checkout-gateway","title":"Frisbii Pay <= 1.8.9 - Missing Authorization to Authenticated (Subscriber+) Payment Token Modification\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-26 00:00:00","sources":[{"name":"Wordfence","remoteId":"cf1ca22a-7fb6-457c-bde0-83f6744185be"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cf1ca22a-7fb6-457c-bde0-83f6744185be?source=api-prod","cve":"CVE-2026-3462","affectedVersions":"<=1.8.9","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_736974656f726967696e2d70616e656c73811c9dc5_gen.json b/internal/data/assets/plugin_736974656f726967696e2d70616e656c73811c9dc5_gen.json index 58ea056d..29d99949 100644 --- a/internal/data/assets/plugin_736974656f726967696e2d70616e656c73811c9dc5_gen.json +++ b/internal/data/assets/plugin_736974656f726967696e2d70616e656c73811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/28e1a11b-5320-41be-bc78-580322e5f407/siteorigin-panels","title":"Page Builder by SiteOrigin <= 2.10.15 - Cross-Site Request Forgery to Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-05-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"28e1a11b-5320-41be-bc78-580322e5f407"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/28e1a11b-5320-41be-bc78-580322e5f407?source=api-prod","cve":"CVE-2020-13643","affectedVersions":"<2.10.16","severity":"high"},{"advisoryId":"WPSECADV/WF/52116a6f-506f-4eeb-9bcc-19900ef38101/siteorigin-panels","title":"Page Builder by SiteOrigin <= 2.29.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Legacy Image Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"52116a6f-506f-4eeb-9bcc-19900ef38101"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/52116a6f-506f-4eeb-9bcc-19900ef38101?source=api-prod","cve":"CVE-2024-2202","affectedVersions":"<=2.29.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/704eed2c-5ea8-4c31-99c5-8c1b0572997c/siteorigin-panels","title":"Page Builder by SiteOrigin <= 2.10.15 - Cross-Site Request Forgery to Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-05-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"704eed2c-5ea8-4c31-99c5-8c1b0572997c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/704eed2c-5ea8-4c31-99c5-8c1b0572997c?source=api-prod","cve":"CVE-2020-13642","affectedVersions":"<=2.10.15","severity":"high"},{"advisoryId":"WPSECADV/WF/a97f72f6-86f7-45dc-908a-292ba735071d/siteorigin-panels","title":"Page Builder by SiteOrigin <= 2.29.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'siteorigin_widget' Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"a97f72f6-86f7-45dc-908a-292ba735071d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a97f72f6-86f7-45dc-908a-292ba735071d?source=api-prod","cve":"CVE-2024-4361","affectedVersions":"<=2.29.15","severity":"medium"},{"advisoryId":"WPSECADV/WF/abe8c6b0-b16b-4391-88b4-dca507c973fc/siteorigin-panels","title":"Page Builder by SiteOrigin <= 2.31.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Row Label Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-01-13 21:46:56","sources":[{"name":"Wordfence","remoteId":"abe8c6b0-b16b-4391-88b4-dca507c973fc"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/abe8c6b0-b16b-4391-88b4-dca507c973fc?source=api-prod","cve":"CVE-2024-12240","affectedVersions":"<=2.31.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/d10364ed-179d-4506-a6f0-42b03c005242/siteorigin-panels","title":"Page Builder by SiteOrigin < 2.0.5 - Reflected Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2015-12-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"d10364ed-179d-4506-a6f0-42b03c005242"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d10364ed-179d-4506-a6f0-42b03c005242?source=api-prod","affectedVersions":"<2.0.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/deeeb78d-1757-44ec-968b-968d919b84f1/siteorigin-panels","title":"Page Builder by SiteOrigin <= 2.33.5 - Authenticated (Contributor+) Local File Inclusion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-02 13:14:54","sources":[{"name":"Wordfence","remoteId":"deeeb78d-1757-44ec-968b-968d919b84f1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/deeeb78d-1757-44ec-968b-968d919b84f1?source=api-prod","cve":"CVE-2026-2448","affectedVersions":"<=2.33.5","severity":"high"},{"advisoryId":"WPSECADV/WF/e14c12ef-0774-4459-9a2c-9a4b633a0efe/siteorigin-panels","title":"Page Builder by SiteOrigin <= 2.31.4 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-02-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"e14c12ef-0774-4459-9a2c-9a4b633a0efe"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e14c12ef-0774-4459-9a2c-9a4b633a0efe?source=api-prod","cve":"CVE-2025-1459","affectedVersions":"<=2.31.4","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/28e1a11b-5320-41be-bc78-580322e5f407/siteorigin-panels","title":"Page Builder by SiteOrigin <= 2.10.15 - Cross-Site Request Forgery to Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-05-11 00:00:00","sources":[{"name":"Wordfence","remoteId":"28e1a11b-5320-41be-bc78-580322e5f407"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/28e1a11b-5320-41be-bc78-580322e5f407?source=api-prod","cve":"CVE-2020-13643","affectedVersions":"<2.10.16","severity":"high"},{"advisoryId":"WPSECADV/WF/52116a6f-506f-4eeb-9bcc-19900ef38101/siteorigin-panels","title":"Page Builder by SiteOrigin <= 2.29.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Legacy Image Widget\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-03-22 00:00:00","sources":[{"name":"Wordfence","remoteId":"52116a6f-506f-4eeb-9bcc-19900ef38101"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/52116a6f-506f-4eeb-9bcc-19900ef38101?source=api-prod","cve":"CVE-2024-2202","affectedVersions":"<=2.29.6","severity":"medium"},{"advisoryId":"WPSECADV/WF/704eed2c-5ea8-4c31-99c5-8c1b0572997c/siteorigin-panels","title":"Page Builder by SiteOrigin <= 2.10.15 - Cross-Site Request Forgery to Reflected Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2020-05-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"704eed2c-5ea8-4c31-99c5-8c1b0572997c"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/704eed2c-5ea8-4c31-99c5-8c1b0572997c?source=api-prod","cve":"CVE-2020-13642","affectedVersions":"<=2.10.15","severity":"high"},{"advisoryId":"WPSECADV/WF/7830b3dc-7d20-4516-b4d6-57636ca773e9/siteorigin-panels","title":"Page Builder by SiteOrigin <= 2.34.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via panels_data Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-26 17:44:35","sources":[{"name":"Wordfence","remoteId":"7830b3dc-7d20-4516-b4d6-57636ca773e9"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7830b3dc-7d20-4516-b4d6-57636ca773e9?source=api-prod","cve":"CVE-2026-13295","affectedVersions":"<=2.34.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/a97f72f6-86f7-45dc-908a-292ba735071d/siteorigin-panels","title":"Page Builder by SiteOrigin <= 2.29.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'siteorigin_widget' Shortcode\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2024-05-20 00:00:00","sources":[{"name":"Wordfence","remoteId":"a97f72f6-86f7-45dc-908a-292ba735071d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a97f72f6-86f7-45dc-908a-292ba735071d?source=api-prod","cve":"CVE-2024-4361","affectedVersions":"<=2.29.15","severity":"medium"},{"advisoryId":"WPSECADV/WF/abe8c6b0-b16b-4391-88b4-dca507c973fc/siteorigin-panels","title":"Page Builder by SiteOrigin <= 2.31.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Row Label Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-01-13 21:46:56","sources":[{"name":"Wordfence","remoteId":"abe8c6b0-b16b-4391-88b4-dca507c973fc"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/abe8c6b0-b16b-4391-88b4-dca507c973fc?source=api-prod","cve":"CVE-2024-12240","affectedVersions":"<=2.31.0","severity":"medium"},{"advisoryId":"WPSECADV/WF/d10364ed-179d-4506-a6f0-42b03c005242/siteorigin-panels","title":"Page Builder by SiteOrigin < 2.0.5 - Reflected Cross-Site Scripting\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2015-12-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"d10364ed-179d-4506-a6f0-42b03c005242"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d10364ed-179d-4506-a6f0-42b03c005242?source=api-prod","affectedVersions":"<2.0.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/deeeb78d-1757-44ec-968b-968d919b84f1/siteorigin-panels","title":"Page Builder by SiteOrigin <= 2.33.5 - Authenticated (Contributor+) Local File Inclusion\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-03-02 13:14:54","sources":[{"name":"Wordfence","remoteId":"deeeb78d-1757-44ec-968b-968d919b84f1"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/deeeb78d-1757-44ec-968b-968d919b84f1?source=api-prod","cve":"CVE-2026-2448","affectedVersions":"<=2.33.5","severity":"high"},{"advisoryId":"WPSECADV/WF/e14c12ef-0774-4459-9a2c-9a4b633a0efe/siteorigin-panels","title":"Page Builder by SiteOrigin <= 2.31.4 - Authenticated (Contributor+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-02-28 00:00:00","sources":[{"name":"Wordfence","remoteId":"e14c12ef-0774-4459-9a2c-9a4b633a0efe"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e14c12ef-0774-4459-9a2c-9a4b633a0efe?source=api-prod","cve":"CVE-2025-1459","affectedVersions":"<=2.31.4","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_737572626d612d696e667573696f6e736f66742d73686f7274636f6465811c9dc5_gen.json b/internal/data/assets/plugin_737572626d612d696e667573696f6e736f66742d73686f7274636f6465811c9dc5_gen.json new file mode 100644 index 00000000..0abe3649 --- /dev/null +++ b/internal/data/assets/plugin_737572626d612d696e667573696f6e736f66742d73686f7274636f6465811c9dc5_gen.json @@ -0,0 +1 @@ +[{"advisoryId":"WPSECADV/WF/c2a91fe9-f642-4a61-a175-ed5bb537bf08/surbma-infusionsoft-shortcode","title":"Surbma | Infusionsoft Shortcode <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-26 17:50:25","sources":[{"name":"Wordfence","remoteId":"c2a91fe9-f642-4a61-a175-ed5bb537bf08"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c2a91fe9-f642-4a61-a175-ed5bb537bf08?source=api-prod","cve":"CVE-2026-11597","affectedVersions":"<=2.0.1","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/plugin_77702d66756c6c2d7374726970652d66726565811c9dc5_gen.json b/internal/data/assets/plugin_77702d66756c6c2d7374726970652d66726565811c9dc5_gen.json index eed3987f..df854236 100644 --- a/internal/data/assets/plugin_77702d66756c6c2d7374726970652d66726565811c9dc5_gen.json +++ b/internal/data/assets/plugin_77702d66756c6c2d7374726970652d66726565811c9dc5_gen.json @@ -1 +1 @@ -[{"advisoryId":"WPSECADV/WF/2a59db6d-82a6-4570-bfa5-674ae4054ea7/wp-full-stripe-free","title":"WP Full Stripe Free <= 8.2.5 - Authenticated (Administrator+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"2a59db6d-82a6-4570-bfa5-674ae4054ea7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2a59db6d-82a6-4570-bfa5-674ae4054ea7?source=api-prod","cve":"CVE-2025-58789","affectedVersions":"<=8.2.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/2afbc0a4-32ad-4fc4-9b10-5c06784f72f3/wp-full-stripe-free","title":"WP Full Stripe Free <= 7.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"2afbc0a4-32ad-4fc4-9b10-5c06784f72f3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2afbc0a4-32ad-4fc4-9b10-5c06784f72f3?source=api-prod","cve":"CVE-2023-28934","affectedVersions":"<=7.0.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/886b612a-d0d1-4880-b423-eb62410a28cd/wp-full-stripe-free","title":"Stripe Payment Forms <= 8.3.1 - Unauthenticated SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-24 18:16:58","sources":[{"name":"Wordfence","remoteId":"886b612a-d0d1-4880-b423-eb62410a28cd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/886b612a-d0d1-4880-b423-eb62410a28cd?source=api-prod","cve":"CVE-2025-9322","affectedVersions":"<=8.3.1","severity":"high"},{"advisoryId":"WPSECADV/WF/a4f7211b-0ff0-406e-9a0a-2dd7b1314d6d/wp-full-stripe-free","title":"WP Full Stripe Free <= 7.0.17 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"a4f7211b-0ff0-406e-9a0a-2dd7b1314d6d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a4f7211b-0ff0-406e-9a0a-2dd7b1314d6d?source=api-prod","cve":"CVE-2023-47667","affectedVersions":"<=7.0.17","severity":"medium"},{"advisoryId":"WPSECADV/WF/b7c630c0-b37f-48d5-a87c-8e7c60103a30/wp-full-stripe-free","title":"WP Full Stripe Free <= 7.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-10-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"b7c630c0-b37f-48d5-a87c-8e7c60103a30"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b7c630c0-b37f-48d5-a87c-8e7c60103a30?source=api-prod","cve":"CVE-2023-46088","affectedVersions":"<=7.0.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/cb3157b3-0ba1-4471-a3d7-bab65c68a611/wp-full-stripe-free","title":"Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions <= 8.4.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"cb3157b3-0ba1-4471-a3d7-bab65c68a611"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cb3157b3-0ba1-4471-a3d7-bab65c68a611?source=api-prod","cve":"CVE-2026-42378","affectedVersions":"<=8.4.1","severity":"medium"}] \ No newline at end of file +[{"advisoryId":"WPSECADV/WF/2a59db6d-82a6-4570-bfa5-674ae4054ea7/wp-full-stripe-free","title":"WP Full Stripe Free <= 8.2.5 - Authenticated (Administrator+) SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-09-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"2a59db6d-82a6-4570-bfa5-674ae4054ea7"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2a59db6d-82a6-4570-bfa5-674ae4054ea7?source=api-prod","cve":"CVE-2025-58789","affectedVersions":"<=8.2.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/2afbc0a4-32ad-4fc4-9b10-5c06784f72f3/wp-full-stripe-free","title":"WP Full Stripe Free <= 7.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-07-05 00:00:00","sources":[{"name":"Wordfence","remoteId":"2afbc0a4-32ad-4fc4-9b10-5c06784f72f3"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2afbc0a4-32ad-4fc4-9b10-5c06784f72f3?source=api-prod","cve":"CVE-2023-28934","affectedVersions":"<=7.0.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/886b612a-d0d1-4880-b423-eb62410a28cd/wp-full-stripe-free","title":"Stripe Payment Forms <= 8.3.1 - Unauthenticated SQL Injection\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2025-10-24 18:16:58","sources":[{"name":"Wordfence","remoteId":"886b612a-d0d1-4880-b423-eb62410a28cd"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/886b612a-d0d1-4880-b423-eb62410a28cd?source=api-prod","cve":"CVE-2025-9322","affectedVersions":"<=8.3.1","severity":"high"},{"advisoryId":"WPSECADV/WF/a4f7211b-0ff0-406e-9a0a-2dd7b1314d6d/wp-full-stripe-free","title":"WP Full Stripe Free <= 7.0.17 - Cross-Site Request Forgery\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-11-08 00:00:00","sources":[{"name":"Wordfence","remoteId":"a4f7211b-0ff0-406e-9a0a-2dd7b1314d6d"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a4f7211b-0ff0-406e-9a0a-2dd7b1314d6d?source=api-prod","cve":"CVE-2023-47667","affectedVersions":"<=7.0.17","severity":"medium"},{"advisoryId":"WPSECADV/WF/b7c630c0-b37f-48d5-a87c-8e7c60103a30/wp-full-stripe-free","title":"WP Full Stripe Free <= 7.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2023-10-17 00:00:00","sources":[{"name":"Wordfence","remoteId":"b7c630c0-b37f-48d5-a87c-8e7c60103a30"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b7c630c0-b37f-48d5-a87c-8e7c60103a30?source=api-prod","cve":"CVE-2023-46088","affectedVersions":"<=7.0.5","severity":"medium"},{"advisoryId":"WPSECADV/WF/c5811d13-0c5d-4a10-86a1-6318cc2e7663/wp-full-stripe-free","title":"Stripe Payment Forms by WP Full Pay <= 8.4.3 - Missing Authorization to Unauthenticated Payment Record Manipulation via 'paymentIntentId' Parameter\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-26 18:04:03","sources":[{"name":"Wordfence","remoteId":"c5811d13-0c5d-4a10-86a1-6318cc2e7663"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c5811d13-0c5d-4a10-86a1-6318cc2e7663?source=api-prod","cve":"CVE-2026-12432","affectedVersions":"<=8.4.3","severity":"medium"},{"advisoryId":"WPSECADV/WF/cb3157b3-0ba1-4471-a3d7-bab65c68a611/wp-full-stripe-free","title":"Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions <= 8.4.1 - Missing Authorization\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-01 00:00:00","sources":[{"name":"Wordfence","remoteId":"cb3157b3-0ba1-4471-a3d7-bab65c68a611"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cb3157b3-0ba1-4471-a3d7-bab65c68a611?source=api-prod","cve":"CVE-2026-42378","affectedVersions":"<=8.4.1","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets/theme_737065786f811c9dc5_gen.json b/internal/data/assets/theme_737065786f811c9dc5_gen.json new file mode 100644 index 00000000..cf2687f9 --- /dev/null +++ b/internal/data/assets/theme_737065786f811c9dc5_gen.json @@ -0,0 +1 @@ +[{"advisoryId":"WPSECADV/WF/6ddf6da6-ec71-4206-8798-2c0c751b3209/spexo","title":"Spexo <= 2.0.11 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Activation\n### Copyright 1999-2026 The MITRE Corporation\nCVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Common Vulnerabilities and Exposures (CVE®). Any copy you make for such purposes is authorized provided that you reproduce MITRE's copyright designation and this license in any such copy.\nhttps://www.cve.org/Legal/TermsOfUse\n### Copyright 2012-2026 Defiant Inc.\nDefiant hereby grants you a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute this software vulnerability information. Any copy of the software vulnerability information you make for such purposes is authorized provided that you include a hyperlink to this vulnerability record and reproduce Defiant's copyright designation and this license in any such copy.\nhttps://www.wordfence.com/wordfence-intelligence-terms-and-conditions/","reportedAt":"2026-06-26 17:49:02","sources":[{"name":"Wordfence","remoteId":"6ddf6da6-ec71-4206-8798-2c0c751b3209"}],"link":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6ddf6da6-ec71-4206-8798-2c0c751b3209?source=api-prod","cve":"CVE-2026-12471","affectedVersions":"<=2.0.11","severity":"medium"}] \ No newline at end of file diff --git a/internal/data/assets_gen.go b/internal/data/assets_gen.go index e38cbf4e..89601add 100644 --- a/internal/data/assets_gen.go +++ b/internal/data/assets_gen.go @@ -3488,6 +3488,8 @@ var ( theme_7370656369616c697374811c9dc5 []byte //go:embed assets/theme_73706563756c6f72811c9dc5_gen.json theme_73706563756c6f72811c9dc5 []byte + //go:embed assets/theme_737065786f811c9dc5_gen.json + theme_737065786f811c9dc5 []byte //go:embed assets/theme_73706963652d736f667477617265811c9dc5_gen.json theme_73706963652d736f667477617265811c9dc5 []byte //go:embed assets/theme_73706963657072657373811c9dc5_gen.json @@ -7702,6 +7704,8 @@ func themeAdvisories(slug string) ([]byte, error) { return theme_7370656369616c697374811c9dc5, nil case "speculor": return theme_73706563756c6f72811c9dc5, nil + case "spexo": + return theme_737065786f811c9dc5, nil case "spice-software": return theme_73706963652d736f667477617265811c9dc5, nil case "spicepress": diff --git a/internal/data/assets_gen_test.go b/internal/data/assets_gen_test.go index 4e72315b..9f405fa9 100644 --- a/internal/data/assets_gen_test.go +++ b/internal/data/assets_gen_test.go @@ -11602,6 +11602,7 @@ func plugins() []string { "surbma-bookingcom-shortcode", "surbma-font-awesome", "surbma-gdpr-proof-google-analytics", + "surbma-infusionsoft-shortcode", "surbma-magyar-woocommerce", "surbma-minicrm-shortcode", "surbma-premium-wp", @@ -17435,6 +17436,7 @@ func themes() []string { "spawp", "specialist", "speculor", + "spexo", "spice-software", "spicepress", "spidermag",