Browse all 3 CVE security advisories affecting AppJetty. AI-powered Chinese analysis, POCs, and references for each vulnerability.
AppJetty develops e-commerce and business productivity extensions for platforms like Magento and WordPress, focusing on enhancing functionality for online stores and business operations. Historically, their extensions have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls. While no major public security incidents have been widely documented, the three CVEs on record highlight recurring issues in sanitization and authentication mechanisms. Security researchers have noted that their plugins sometimes lack secure coding practices, particularly in handling user-supplied data and implementing role-based permissions, necessitating careful implementation and regular updates by users.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-47607 | WordPress Show All Comments plugin <= 7.0.1 - Cross Site Scripting (XSS) Vulnerability — Show All CommentsCWE-79 | 5.9 | Medium | 2025-05-07 |
| CVE-2025-47605 | WordPress WP jQuery DataTable plugin <= 4.1.0 - Cross Site Scripting (XSS) Vulnerability — WP jQuery DataTableCWE-79 | 5.9 | Medium | 2025-05-07 |
| CVE-2024-56287 | WordPress WP jQuery DataTable Plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerability — WP jQuery DataTableCWE-79 | 6.5 | Medium | 2025-01-07 |
This page lists every published CVE security advisory associated with AppJetty. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.