Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Astoundify — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting Astoundify. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Astoundify develops WordPress plugins and themes for digital marketing and e-commerce, with 14 CVEs recorded. Historically, vulnerabilities have included stored cross-site scripting (XSS), remote code execution (RCE), and privilege escalation, often stemming from insufficient input validation and improper access controls. Notable security characteristics include frequent use of deprecated functions and inconsistent sanitization practices. While no major public incidents have been widely documented, the pattern of vulnerabilities suggests ongoing challenges in secure coding practices. The company's products remain popular despite these issues, indicating a need for improved security measures to address recurring flaws in their codebase.

Top products by Astoundify: Jobify Simple Registration for WooCommerce WP Modal Popup with Cookie Integration Listify WP Job Manager – Company Profiles Jobify - Job Board WordPress Theme Job Colors for WP Job Manager
CVE IDTitleCVSSSeverityPublished
CVE-2026-28042 WordPress Listify plugin <= 3.2.5 - Reflected Cross Site Scripting (XSS) vulnerability — ListifyCWE-79 7.1 High2026-03-05
CVE-2025-67916 WordPress Jobify theme <= 4.3.0 - Cross Site Scripting (XSS) vulnerability — JobifyCWE-79 7.1 High2026-01-08
CVE-2025-59009 WordPress Listify theme <= 3.2.5 - Cross Site Request Forgery (CSRF) vulnerability — ListifyCWE-352 4.3 Medium2025-12-16
CVE-2025-12095 Simple Registration for WooCommerce <= 1.5.8 - Cross-Site Request Forgery to Privilege Escalation via Role Request Approval — Simple Registration for WooCommerceCWE-352 8.8 High2025-10-25
CVE-2025-54683 WordPress WP Modal Popup with Cookie Integration Plugin plugin <= 2.4 - Cross Site Scripting (XSS) Vulnerability — WP Modal Popup with Cookie IntegrationCWE-79 5.9 Medium2025-08-14
CVE-2025-31772 WordPress WP Modal Popup with Cookie Integration plugin <= 2.4 - Cross Site Scripting (XSS) vulnerability — WP Modal Popup with Cookie IntegrationCWE-79 5.9 Medium2025-04-01
CVE-2025-31031 WordPress Job Colors for WP Job Manager plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability — Job Colors for WP Job ManagerCWE-79 5.9 Medium2025-03-27
CVE-2024-13698 Jobify - Job Board WordPress Theme <= 4.2.7 - Missing Authorization to Unauthenticated Server-Side Request Forgery, Arbitrary Image Upload, and Image Generation — Jobify - Job Board WordPress ThemeCWE-862 6.5 Medium2025-01-24
CVE-2024-52480 WordPress Jobify plugin < 4.3.0 - Broken Access Control vulnerability — JobifyCWE-862 5.3 Medium2024-12-09
CVE-2023-6978 WP Job Manager – Company Profiles <= 1.7 - Reflected Cross-Site Scripting — WP Job Manager – Company ProfilesCWE-79 6.1 Medium2024-12-04
CVE-2024-52478 WordPress Jobify theme < 4.3.0 - Cross Site Scripting (XSS) vulnerability — JobifyCWE-79 6.5 Medium2024-12-02
CVE-2024-52479 WordPress Jobify plugin < 4.3.0 - Cross Site Request Forgery (CSRF) vulnerability — JobifyCWE-352 4.3 Medium2024-12-02
CVE-2024-52481 WordPress Jobify theme < 4.3.0 - Unauthenticated Arbitrary File Read vulnerability — JobifyCWE-22 7.5 High2024-11-28
CVE-2024-32511 WordPress Simple Registration for WooCommerce plugin <= 1.5.6 - Unauthenticated Privilege Escalation vulnerability — Simple Registration for WooCommerceCWE-269 9.8 Critical2024-05-17

This page lists every published CVE security advisory associated with Astoundify. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.