Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

10Web — Vulnerabilities & Security Advisories 41

Browse all 41 CVE security advisories affecting 10Web. AI-powered Chinese analysis, POCs, and references for each vulnerability.

10Web operates as an automated WordPress hosting and management platform, primarily serving small to medium-sized businesses seeking simplified site deployment and maintenance. Security audits have identified forty-one Common Vulnerabilities and Exposures (CVEs) associated with its infrastructure and software components. Historically, these flaws predominantly involve remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from outdated dependencies or misconfigured server environments. While no single catastrophic data breach has been publicly attributed directly to 10Web’s core platform, the high volume of CVEs indicates persistent challenges in patch management and code review processes. The organization generally responds to disclosures by releasing updates, yet the accumulation of unresolved or legacy issues suggests a reactive rather than proactive security posture. Users relying on this service must remain vigilant regarding plugin compatibility and server configuration to mitigate risks associated with these documented weaknesses.

Found 10 results / 41Clear Filters
Top products by 10Web: Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder Photo Gallery by 10Web – Mobile-Friendly Image Gallery PhotoGallery 10Web Map Builder for Google Maps Photo Gallery by 10Web 10WebAnalytics SEO by 10Web WDContactFormBuilder WD WidgetTwitter 10Web AI Assistant – AI content writing assistant Slider by 10Web Slider by 10Web – Responsive Image Slider 10Web Social Post Feed Form Maker by 10Web 10Web Booster – Website speed optimization, Cache & Page Speed optimizer
CVE IDTitleCVSSSeverityPublished
CVE-2026-3359 Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder <= 1.15.42 - Unauthenticated SQL Injection via 'inputs' — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-89 7.5 High2026-05-05
CVE-2026-3330 Form Maker by 10Web <= 1.15.40 - Authenticated (Administrator+) SQL Injection via 'ip_search' Parameter — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-89 4.9 Medium2026-04-17
CVE-2026-4388 Form Maker by 10Web <= 1.15.40 - Unauthenticated Stored Cross-Site Scripting via Matrix Field Text Box — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-79 7.2 High2026-04-14
CVE-2026-1058 Form Maker by 10Web <= 1.15.35 - Unauthenticated Stored Cross-Site Scripting via Hidden Field — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-79 7.1 High2026-02-03
CVE-2026-1065 Form Maker by 10Web <= 1.15.35 - Unauthenticated Stored Cross-Site Scripting via SVG file — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-434 7.2 High2026-02-03
CVE-2024-10265 Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder <= 1.15.30 - Reflected Cross-Site Scripting via add_query_arg Parameter — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-79 6.1 Medium2024-11-10
CVE-2024-8633 Form Maker <= 1.15.27 - Authenticated (Administrator+) Stored Cross-Site Scripting — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-79 5.5 Medium2024-09-26
CVE-2024-2258 Form Maker by 10Web <= 1.15.24 - Authenticated (Subscriber+) Stored Self-Based Cross-Site Scripting — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-79 4.4 Medium2024-04-27
CVE-2024-2112 Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder <= 1.15.22 - Sensitive Information Exposure — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-287 5.9 Medium2024-04-09
CVE-2024-0667 Form-Maker (twb_form-maker) <= 1.15.21 - Cross-Site Request Forgery to Limited Code Execution via Execute — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-1078 5.4 Medium2024-01-27

This page lists every published CVE security advisory associated with 10Web. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.