Browse all 3 CVE security advisories affecting Apptivo. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Apptivo provides a cloud-based business suite offering CRM, project management, and other productivity tools. Historically, the platform has been susceptible to cross-site scripting (XSS) and remote code execution vulnerabilities, often stemming from improper input validation and insufficient access controls. In 2022, a critical flaw allowed unauthorized privilege escalation through API endpoint manipulation. While no major public breaches have been documented, the three recorded CVEs highlight ongoing security challenges in maintaining consistent input sanitization and proper privilege boundaries across their integrated applications.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-31909 | WordPress Apptivo Business Site CRM plugin <= 5.3 - Arbitrary Content Deletion vulnerability — Apptivo Business Site CRMCWE-862 | 7.5 | High | 2025-04-03 |
| CVE-2024-13405 | Apptivo Business Site CRM <= 5.3 - Cross-Site Request Forgery to IP Address Block — Apptivo Business SiteCWE-352 | 4.3 | Medium | 2025-02-19 |
| CVE-2022-44582 | WordPress Apptivo Business Site CRM Plugin <= 3.0.12 is vulnerable to Cross Site Scripting (XSS) — Apptivo Business Site CRMCWE-79 | 4.8 | Medium | 2023-04-23 |
This page lists every published CVE security advisory associated with Apptivo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.