Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Apasionados — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting Apasionados. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Apasionados develops web applications primarily for e-commerce and content management platforms. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and misconfigured access controls. Their applications typically contain multiple third-party components with known vulnerabilities. While no major public security incidents have been documented, the consistent presence of multiple CVEs across their product lines suggests systemic security weaknesses in their development lifecycle. Their codebase frequently contains hardcoded credentials and lacks proper authentication mechanisms, creating persistent risks for deployed instances.

Top products by Apasionados: DoFollow Case by Case Export Post Info (WordPress plugin) Comment Blacklist Updater Email Notification on Login Submission DOM tracking for Contact Form 7
CVE IDTitleCVSSSeverityPublished
CVE-2025-62102 WordPress DoFollow Case by Case plugin <= 3.5.1 - Cross Site Request Forgery (CSRF) vulnerability — DoFollow Case by CaseCWE-352 4.3 Medium2025-12-09
CVE-2025-47626 WordPress Submission DOM tracking for Contact Form 7 plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability — Submission DOM tracking for Contact Form 7CWE-79 5.9 Medium2025-05-07
CVE-2025-47624 WordPress DoFollow Case by Case plugin <= 3.5.1 - Cross Site Request Forgery (CSRF) vulnerability — DoFollow Case by CaseCWE-352 4.3 Medium2025-05-07
CVE-2025-47625 WordPress DoFollow Case by Case plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability — DoFollow Case by CaseCWE-79 5.9 Medium2025-05-07
CVE-2025-47622 WordPress Email Notification on Login plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability — Email Notification on LoginCWE-79 5.9 Medium2025-05-07
CVE-2023-44147 WordPress Comment Blacklist Updater plugin <= 1.1.0 - Broken Access Control vulnerability — Comment Blacklist UpdaterCWE-862 5.3 Medium2024-12-13
CVE-2022-38061 WordPress Export Post Info plugin <= 1.2.0 - Authenticated CSV Injection vulnerability — Export Post Info (WordPress plugin) 6.2 Medium2022-09-23
CVE-2022-38068 WordPress Export Post Info plugin <= 1.1.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Export Post Info (WordPress plugin)CWE-79 4.8 Medium2022-09-09

This page lists every published CVE security advisory associated with Apasionados. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.