Browse all 3 CVE security advisories affecting Atawai. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Atawai provides enterprise-grade digital experience platforms for customer engagement and content management. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and access control flaws. The company has addressed three publicly disclosed CVEs, including critical RCE issues in their content delivery components. While no major security incidents have been widely reported, their vulnerability history suggests a pattern of authentication bypass and server-side injection flaws that could allow attackers to compromise affected systems or escalate privileges within the platform.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-30800 | WordPress Gum Elementor Addon plugin <= 1.3.10 - Cross Site Scripting (XSS) vulnerability — Gum Elementor AddonCWE-79 | 6.5 | Medium | 2025-03-27 |
| CVE-2024-44027 | WordPress Gum Elementor Addon plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability — Gum Elementor AddonCWE-79 | 6.5 | Medium | 2024-10-06 |
| CVE-2024-44035 | WordPress Gum Elementor Addon plugin <= 1.3.7 - Cross Site Scripting (XSS) vulnerability — Gum Elementor AddonCWE-79 | 6.5 | Medium | 2024-10-06 |
This page lists every published CVE security advisory associated with Atawai. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.