Browse all 4 CVE security advisories affecting Acurax. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Acurax develops web and mobile applications primarily for businesses, with a focus on custom solutions and e-commerce platforms. Historically, their products have been susceptible to cross-site scripting (XSS) and remote code execution (RCE) vulnerabilities, often stemming from insufficient input validation and insecure deserialization. While no major public security incidents have been widely documented, the four CVEs associated with their software highlight recurring issues in authentication mechanisms and improper access controls. Their security posture appears to prioritize functionality over robust hardening, leading to vulnerabilities that could allow attackers to compromise systems or escalate privileges within their applications.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-35749 | WordPress Under Construction / Maintenance Mode from Acurax plugin <= 2.6 - IP Bypass vulnerability — Under Construction / Maintenance Mode from AcuraxCWE-290 | 3.7 | Low | 2024-06-10 |
| CVE-2024-1476 | Under Construction / Maintenance Mode from Acurax <= 2.6 - Information Exposure — Under Construction / Maintenance Mode from AcuraxCWE-284 | 5.3 | Medium | 2024-02-28 |
| CVE-2023-6922 | Under Construction / Maintenance Mode from Acurax <= 2.6 - Authenticated (Subscriber+) Sensitive Information Exposure — Under Construction / Maintenance Mode from AcuraxCWE-200 | 4.3 | Medium | 2024-02-28 |
| CVE-2023-39926 | WordPress Under Construction / Maintenance Mode from Acurax Plugin <= 2.6 is vulnerable to Cross Site Scripting (XSS) — Under Construction / Maintenance Mode from AcuraxCWE-79 | 7.1 | High | 2023-11-16 |
This page lists every published CVE security advisory associated with Acurax. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.