Browse all 4 CVE security advisories affecting AddonMaster. AI-powered Chinese analysis, POCs, and references for each vulnerability.
AddonMaster is a browser extension management platform designed to streamline the discovery, installation, and maintenance of add-ons across major browsers. Historically, AddonMaster has been associated with multiple critical vulnerabilities, including Remote Code Execution (RCE) and Cross-Site Scripting (XSS), often stemming from insufficient input validation and improper sandboxing. The platform has also faced privilege escalation issues due to overly permissive extension permissions. While no major public security incidents have been documented, the presence of four CVEs indicates a consistent pattern of security weaknesses that could potentially lead to unauthorized access or system compromise.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-43156 | WordPress Post Grid Master plugin <= 3.4.10 - Reflected Cross Site Scripting (XSS) vulnerability — Post Grid MasterCWE-79 | 7.1 | High | 2024-08-12 |
| CVE-2024-24704 | WordPress Load More Anything plugin <= 3.3.3 - Broken Access Control vulnerability — Load More AnythingCWE-862 | 5.4 | Medium | 2024-06-11 |
| CVE-2024-34372 | WordPress Post Grid Master plugin <= 3.4.7 - Broken Access Control vulnerability — Post Grid MasterCWE-862 | 5.3 | Medium | 2024-05-06 |
| CVE-2024-34390 | WordPress Post Grid Master plugin <= 3.4.8 - Auth. Cross Site Scripting (XSS) vulnerability — Post Grid MasterCWE-79 | 6.5 | Medium | 2024-05-06 |
This page lists every published CVE security advisory associated with AddonMaster. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.