Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

10Web — Vulnerabilities & Security Advisories 41

Browse all 41 CVE security advisories affecting 10Web. AI-powered Chinese analysis, POCs, and references for each vulnerability.

10Web operates as an automated WordPress hosting and management platform, primarily serving small to medium-sized businesses seeking simplified site deployment and maintenance. Security audits have identified forty-one Common Vulnerabilities and Exposures (CVEs) associated with its infrastructure and software components. Historically, these flaws predominantly involve remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from outdated dependencies or misconfigured server environments. While no single catastrophic data breach has been publicly attributed directly to 10Web’s core platform, the high volume of CVEs indicates persistent challenges in patch management and code review processes. The organization generally responds to disclosures by releasing updates, yet the accumulation of unresolved or legacy issues suggests a reactive rather than proactive security posture. Users relying on this service must remain vigilant regarding plugin compatibility and server configuration to mitigate risks associated with these documented weaknesses.

Found 9 results / 41Clear Filters
Top products by 10Web: Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder Photo Gallery by 10Web – Mobile-Friendly Image Gallery PhotoGallery 10Web Map Builder for Google Maps Photo Gallery by 10Web 10WebAnalytics SEO by 10Web WDContactFormBuilder WD WidgetTwitter 10Web AI Assistant – AI content writing assistant Slider by 10Web Slider by 10Web – Responsive Image Slider 10Web Social Post Feed Form Maker by 10Web 10Web Booster – Website speed optimization, Cache & Page Speed optimizer
CVE IDTitleCVSSSeverityPublished
CVE-2026-1036 Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.36 - Missing Authorization to Unauthenticated Arbitrary Comment Deletion — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-862 5.3 Medium2026-01-21
CVE-2025-2269 Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.34 Reflected Cross-Site Scripting via 'image_id' Parameter — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-79 6.1 Medium2025-04-11
CVE-2024-9878 Photo Gallery by 10Web <= 1.8.30 - Authenticated (Administrator+) Stored Cross-Site Scripting — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-79 4.4 Medium2024-11-05
CVE-2024-5481 Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.23 - Authenticated (Contributor+) Path Traversal via esc_dir Function — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-35 6.8 Medium2024-06-07
CVE-2024-5426 Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.23 - Authenticated (Contributor+) Stored Cross-Site Scripting via Zipped SVG — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-79 6.4 Medium2024-06-07
CVE-2024-2296 Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.21 - Authenticated (Admin+) Stored Cross-Site Scripting via SVG — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-79 5.5 Medium2024-04-06
CVE-2024-0221 Photo Gallery by 10Web - Mobile-Friendly Image Gallery <= 1.8.19 - Directory Traversal to Arbitrary File Rename — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-22 9.1 Critical2024-02-05
CVE-2023-6924 Photo Gallery by 10Web <= 1.8.18 - Authenticated (Administrator+) Stored Cross-Site Scripting via Widget — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-79 4.4 Medium2024-01-11
CVE-2021-24310 Photo Gallery < 1.5.67 - Authenticated Stored Cross-Site Scripting via Gallery Title — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-79 4.8 -2021-06-01

This page lists every published CVE security advisory associated with 10Web. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.