Browse all 41 CVE security advisories affecting 10web. AI-powered Chinese analysis, POCs, and references for each vulnerability.
10Web operates as an automated WordPress hosting and management platform, primarily serving small to medium-sized businesses seeking simplified site deployment and maintenance. Security audits have identified forty-one Common Vulnerabilities and Exposures (CVEs) associated with its infrastructure and software components. Historically, these flaws predominantly involve remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from outdated dependencies or misconfigured server environments. While no single catastrophic data breach has been publicly attributed directly to 10Web’s core platform, the high volume of CVEs indicates persistent challenges in patch management and code review processes. The organization generally responds to disclosures by releasing updates, yet the accumulation of unresolved or legacy issues suggests a reactive rather than proactive security posture. Users relying on this service must remain vigilant regarding plugin compatibility and server configuration to mitigate risks associated with these documented weaknesses.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-5709 | WD WidgetTwitter <= 1.0.9 - Authenticated (Contributor+) SQL Injection via Shortcode — WD WidgetTwitterCWE-89 | 8.8 | High | 2023-11-07 |
This page lists every published CVE security advisory associated with 10web. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.