Browse all 4 CVE security advisories affecting 6Storage. AI-powered Chinese analysis, POCs, and references for each vulnerability.
6Storage provides network-attached storage solutions for data management and file sharing. Historically, the product has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its four recorded CVEs. These weaknesses often stem from insufficient input validation and improper access controls in web interfaces and APIs. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests potential risks for organizations relying on these systems without proper hardening or patch management. Security researchers have noted that older versions may remain particularly vulnerable, emphasizing the need for regular updates and network segmentation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-67623 | WordPress 6Storage Rentals plugin <= 2.22.0 - Server Side Request Forgery (SSRF) vulnerability — 6Storage RentalsCWE-918 | 5.4 | Medium | 2025-12-24 |
| CVE-2023-26002 | WordPress 6Storage Rentals <= 2.19.5 - Broken Access Control Vulnerability — 6Storage RentalsCWE-862 | 4.3 | Medium | 2025-06-06 |
| CVE-2025-47619 | WordPress 6Storage Rentals plugin <= 2.20.2 - Broken Access Control vulnerability — 6Storage RentalsCWE-862 | 6.5 | Medium | 2025-05-23 |
| CVE-2025-32178 | WordPress 6Storage Rentals plugin <= 2.20.2 - Broken Access Control vulnerability — 6Storage RentalsCWE-862 | 5.4 | Medium | 2025-04-04 |
This page lists every published CVE security advisory associated with 6Storage. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.