FearZzZz

Title	CVE ID	CVSS	Vector	Date
TheRoof <= 1.0.3 - Reflected Cross-Site Scripting	CVE-2023-29430	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	April 6, 2023
Outdoor <= 3.9.6 - Reflected Cross-Site Scripting	CVE-2023-29236	6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	April 4, 2023
Slide Anything <= 2.4.7 - Authenticated (Author+) Stored Cross-Site Scripting	CVE-2023-28499	6.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N	March 15, 2023
Real Estate 7 Theme <= 3.3.4 - Unauthenticated Arbitrary Email Sending		5.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N	March 9, 2023
Real Estate 7 <= 3.3.4 - Cross-Site Request Forgery		5.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L	March 1, 2023
Woodmart <= 7.1.1 - Cross-Site Request Forgery to License Update	CVE-2023-32500	6.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N	March 1, 2023
WoodMart <= 7.1.1 - Missing Authorization to Shortcode Injection	CVE-2023-25790	6.5	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N	March 1, 2023
Real Estate 7 <= 3.3.4 - Reflected Cross-Site Scripting via ct_additional_features		6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	February 28, 2023
Real Estate 7 Theme <= 3.3.1 - Stored Cross-Site Scripting	CVE-2022-47146	7.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N	February 20, 2023
Woodmart <= 7.0.4 - Unauthenticated Arbitrary Content Injection	CVE-2023-25790	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	February 16, 2023
Monolit <= 2.0.6 - Unauthenticated Stored Cross-Site Scripting	CVE-2023-25041	7.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N	February 6, 2023
JS Help Desk <= 2.7.1 - Unauthenticated Arbitrary File Upload	CVE-2022-46839	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	January 27, 2023
JS Help Desk <= 2.7.1 - Missing Authorization	CVE-2022-46840	6.3	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L	January 27, 2023
JS Help Desk <= 2.7.1 - Missing Authorization to Plugin Settings Update	CVE-2022-46838	9.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H	January 27, 2023
JS Help Desk <= 2.7.1 - Unauthenticated SQL Injection	CVE-2022-47151	8.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N	January 27, 2023
JS Help Desk <= 2.7.1 - Cross-Site Request Forgery	CVE-2022-46842	5.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N	January 27, 2023
Smart Slider 3 <= 3.5.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting	CVE-2022-45843	6.4	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N	November 23, 2022
Creative Mail <= 1.5.4 - Cross-Site Request Forgery	CVE-2022-44740	8.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	October 28, 2022
SEO Redirection Plugin <= 8.9 - Cross-Site Request Forgery	CVE-2022-40695	8.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	October 25, 2022
Image Hover Effects Ultimate <= 9.7.1 - Authenticated (Admin+) Arbitrary Options Update	CVE-2022-42459	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	October 25, 2022

Share this researcher's vulnerability discoveries

All the threat data shared in this database is powered by Wordfence Intelligence Enterprise.
Interested in integrating this data into your platform or network?
Contact us now to discuss API access to our Wordfence Intelligence Enterprise Data Feeds.

Inquire Now

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation