Browse all 3 CVE security advisories affecting Acnoo. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Acnoo provides cloud-based collaboration tools for enterprise teams, focusing on document management and workflow automation. Historically, the platform has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and access control flaws. While no major public security incidents have been widely reported, the three documented CVEs highlight consistent weaknesses in authentication mechanisms and API security. The organization has demonstrated a pattern of addressing vulnerabilities through patch releases, though the recurrence of similar issues suggests ongoing challenges in secure coding practices. Security researchers note that Acnoo's web interface frequently contains exploitable flaws that could lead to unauthorized access or system compromise if not promptly mitigated.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-50486 | WordPress Acnoo Flutter API plugin <= 1.0.5 - Account Takeover vulnerability — Acnoo Flutter APICWE-288 | 9.8 | Critical | 2024-10-28 |
| CVE-2024-50487 | WordPress MaanStore API plugin <= 1.0.1 - Account Takeover vulnerability — MaanStore APICWE-288 | 9.8 | Critical | 2024-10-28 |
| CVE-2024-49251 | WordPress Maan Addons For Elementor plugin <= 1.0.1 - Local File Inclusion vulnerability — Maan Addons For ElementorCWE-98 | 7.5 | High | 2024-10-16 |
This page lists every published CVE security advisory associated with Acnoo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.