Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ArtBees — Vulnerabilities & Security Advisories 25

Browse all 25 CVE security advisories affecting ArtBees. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ArtBees operates as a digital asset management platform, primarily facilitating the creation, storage, and distribution of non-fungible tokens and other blockchain-based media. Security audits have identified twenty-five distinct Common Vulnerabilities and Exposures associated with the software, indicating significant historical weaknesses in its architecture. The most prevalent vulnerability classes include remote code execution, cross-site scripting, and privilege escalation flaws, which often stem from insufficient input validation and improper access controls. These issues have allowed attackers to potentially compromise server integrity, steal user data, or execute arbitrary commands within the application environment. While specific major public breaches have not been widely documented in mainstream news, the high volume of disclosed CVEs suggests a pattern of recurring security lapses that require rigorous patching and continuous monitoring to mitigate risks for enterprise users relying on the platform for sensitive digital asset operations.

Top products by ArtBees: Jupiter X Core JupiterX Core Jupiter SellKit JupiterX SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster
CVE IDTitleCVSSSeverityPublished
CVE-2026-3533 JupiterX Core <= 4.14.1 - Authenticated (Subscriber+) Missing Authorization To Limited File Upload via Popup Template Import — Jupiter X CoreCWE-434 8.8 High2026-03-23
CVE-2025-50004 WordPress JupiterX Core plugin <= 4.10.1 - PHP Object Injection vulnerability — JupiterX CoreCWE-502 8.8 High2026-01-22
CVE-2025-58264 WordPress JupiterX Core Plugin <= 4.11.0 - Cross Site Scripting (XSS) Vulnerability — JupiterX CoreCWE-79 6.5 Medium2025-09-22
CVE-2025-3888 Jupiterx Core <= 4.8.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Inline SVG — Jupiter X CoreCWE-79 6.4 Medium2025-05-17
CVE-2025-47475 WordPress JupiterX Core plugin <= 4.8.11 - Cross Site Scripting (XSS) Vulnerability — JupiterX CoreCWE-79 6.5 Medium2025-05-07
CVE-2025-2105 Jupiter X Core <= 4.8.11 - Unauthenticated PHP Object Injection via PHAR — Jupiter X CoreCWE-502 8.1 High2025-04-26
CVE-2025-0365 Jupiterx Core <= 4.8.7 - Authenticated (Contributor+) Arbitrary File Read — Jupiter X CoreCWE-22 6.5 Medium2025-02-01
CVE-2025-0366 Jupiter X Core <= 4.8.7 - Authenticated (Contributor+) SVG Upload to Local File Inclusion (Remote Code Execution) — Jupiter X CoreCWE-98 8.8 High2025-02-01
CVE-2024-12033 Jupiter X Core <= 4.8.5 - Missing Authorization to Authenticated Library Sync — Jupiter X CoreCWE-862 4.3 Medium2025-01-07
CVE-2024-12316 Jupiter X Core <= 4.8.5 - Missing Authorization to Unauthenticated Popup Template Export — Jupiter X CoreCWE-862 5.3 Medium2025-01-07
CVE-2023-38385 WordPress Jupiter X Core plugin <= 3.3.0 - Multiple Auth. Broken Access Control vulnerability — JupiterX CoreCWE-862 8.3 High2024-12-13
CVE-2024-7781 Jupiter X Core <= 4.7.5 - Limited Unauthenticated Authentication Bypass to Account Takeover — Jupiter X CoreCWE-288 8.1 High2024-09-26
CVE-2024-7772 Jupiter X Core <= 4.6.5 - Unauthenticated Arbitrary File Upload — Jupiter X CoreCWE-434 9.8 Critical2024-09-26
CVE-2023-38389 WordPress Jupiter X Core plugin <= 3.3.8 - Unauthenticated Account Takeover vulnerability — JupiterX CoreCWE-863 9.8 Critical2024-06-21
CVE-2023-38394 WordPress Jupiter X Core plugin <= 3.3.0 - Multiple Auth. Broken Access Control vulnerability — JupiterX CoreCWE-862 5.4 Medium2024-06-19
CVE-2024-4608 SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster <= 1.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter — SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, fasterCWE-79 6.4 Medium2024-06-06
CVE-2024-30509 WordPress SellKit plugin <= 1.8.1 - Arbitrary File Download vulnerability — SellKitCWE-22 6.5 Medium2024-05-17
CVE-2023-32110 WordPress JupiterX theme <= 3.0.0 - Auth. Local File Inclusion vulnerability — JupiterXCWE-22 7.6 High2024-05-17
CVE-2023-38388 WordPress Jupiter X Core plugin <= 3.3.5 - Unauth. Arbitrary File Upload vulnerability — JupiterX CoreCWE-434 9.0 Critical2024-03-26
CVE-2023-3813 Jupiter X Core <= 4.6.6 - Unauthenticated Arbitrary File Download — Jupiter X CoreCWE-22 7.5 High2023-07-21
CVE-2022-1659 JupiterX Core <= 2.0.6 - Information Disclosure, Modification, and Denial of Service — Jupiter X CoreCWE-284 5.4 Medium2022-06-13
CVE-2022-1654 Jupiter Theme <= 6.10.1 and JupiterX Core Plugin <= 2.0.7 - Authenticated Privilege Escalation — Jupiter X CoreCWE-269 8.8 High2022-06-13
CVE-2022-1658 Jupiter Theme <= 6.10.1 - Authenticated Arbitrary Plugin Deletion — JupiterCWE-284 5.4 Medium2022-06-13
CVE-2022-1657 JupiterX Theme <= 2.0.6 and Jupiter Theme <= 6.10.1 - Authenticated Path Traversal and Local File Inclusion — JupiterCWE-22 8.8 High2022-06-13
CVE-2022-1656 JupiterX Theme <= 2.0.6 and JupiterX Core <= 2.0.6 - Authenticated Arbitrary Plugin Deactivation and Settings Modification — Jupiter X CoreCWE-284 5.4 Medium2022-06-13

This page lists every published CVE security advisory associated with ArtBees. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.