Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Ays Pro — Vulnerabilities & Security Advisories 53

Browse all 53 CVE security advisories affecting Ays Pro. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Ays Pro functions as an automated testing platform designed to streamline software quality assurance and deployment workflows. Its architecture, which integrates with various CI/CD pipelines, has historically exposed it to significant security risks, resulting in fifty-three recorded Common Vulnerabilities and Exposures. The most prevalent vulnerability classes affecting the software include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and privilege escalation flaws, often stemming from insufficient input validation and improper access controls within its administrative interfaces. These defects have allowed attackers to potentially gain unauthorized system access or manipulate application behavior. While the platform aims to enhance development efficiency, its complex integration points have created attack vectors that require rigorous patch management. Recent security audits highlight the necessity for strict configuration hardening to mitigate these inherent risks associated with its automated execution capabilities.

Top products by Ays Pro: Poll Maker Survey Maker Quiz Maker Secure Copy Content Protection and Content Locking Chartify Popup box FAQ Builder AYS Easy Form Image Slider by Ays AI ChatBot with ChatGPT and Content Generator by AYS Fox LMS Popup Like box Advanced Related Posts Photo Gallery by Ays Image Slider by Ays- Responsive Slider and Carousel Photo Gallery by Ays – Responsive Image Gallery Popup Like box – Page Plugin Portfolio Responsive Gallery
CVE IDTitleCVSSSeverityPublished
CVE-2026-32494 WordPress Image Slider by Ays plugin <= 2.7.1 - Cross Site Scripting (XSS) vulnerability — Image Slider by AysCWE-79 7.1 High2026-03-25
CVE-2026-25346 WordPress FAQ Builder AYS plugin <= 1.8.2 - Cross Site Scripting (XSS) vulnerability — FAQ Builder AYSCWE-79 7.1 High2026-03-25
CVE-2026-32428 WordPress Popup Like box plugin <= 3.7.7 - Broken Access Control vulnerability — Popup Like boxCWE-862 5.3 Medium2026-03-13
CVE-2026-32402 WordPress Image Slider by Ays plugin <= 2.7.1 - Broken Access Control vulnerability — Image Slider by AysCWE-862 5.3 Medium2026-03-13
CVE-2026-32342 WordPress Quiz Maker plugin <= 6.7.1.2 - Cross Site Request Forgery (CSRF) vulnerability — Quiz MakerCWE-352 4.3 Medium2026-03-13
CVE-2026-32332 WordPress Easy Form plugin <= 2.7.9 - Broken Access Control vulnerability — Easy FormCWE-862 5.3 Medium2026-03-13
CVE-2026-31922 WordPress Fox LMS plugin <= 1.0.6.3 - SQL Injection vulnerability — Fox LMSCWE-89 8.5 High2026-03-13
CVE-2026-32329 WordPress Advanced Related Posts plugin <= 1.9.1 - Broken Access Control vulnerability — Advanced Related PostsCWE-862 5.3 Medium2026-03-13
CVE-2026-26370 WordPress plugin Survey Maker 跨站脚本漏洞 — Survey MakerCWE-79 6.1AIMediumAI2026-02-20
CVE-2026-25335 WordPress Secure Copy Content Protection and Content Locking plugin <= 5.0.0 - Broken Access Control vulnerability — Secure Copy Content Protection and Content LockingCWE-862 4.3 Medium2026-02-19
CVE-2026-25338 WordPress AI ChatBot with ChatGPT and Content Generator by AYS plugin <= 2.7.4 - Broken Access Control vulnerability — AI ChatBot with ChatGPT and Content Generator by AYSCWE-862 5.3 Medium2026-02-19
CVE-2025-69021 WordPress Popup box plugin <= 6.0.7 - Cross Site Request Forgery (CSRF) vulnerability — Popup boxCWE-352 5.4 Medium2025-12-30
CVE-2025-66117 WordPress Easy Form plugin <= 2.7.8 - Broken Access Control vulnerability — Easy FormCWE-862 7.5 High2025-12-18
CVE-2025-67595 WordPress Quiz Maker plugin <= 6.7.0.82 - Cross Site Request Forgery (CSRF) vulnerability — Quiz MakerCWE-352 4.3 Medium2025-12-09
CVE-2025-66529 WordPress Chartify plugin <= 3.6.3 - Cross Site Request Forgery (CSRF) vulnerability — ChartifyCWE-352 4.3 Medium2025-12-09
CVE-2025-64276 WordPress Survey Maker plugin <= 5.1.9.4 - Broken Access Control vulnerability — Survey MakerCWE-862 6.5 Medium2025-11-13
CVE-2025-62039 WordPress AI ChatBot with ChatGPT and Content Generator by AYS plugin <= 2.6.6 - Sensitive Data Exposure vulnerability — AI ChatBot with ChatGPT and Content Generator by AYSCWE-201 7.5 High2025-11-06
CVE-2025-57931 WordPress Popup box plugin <= 5.5.4 - Cross Site Request Forgery (CSRF) vulnerability — Popup boxCWE-352 5.3 Medium2025-10-29
CVE-2025-48095 WordPress Survey Maker plugin <= 5.1.8.8 - Cross Site Scripting (XSS) vulnerability — Survey MakerCWE-79 5.9 Medium2025-10-22
CVE-2025-48098 WordPress Survey Maker plugin <= 5.1.8.8 - Cross Site Scripting (XSS) vulnerability — Survey MakerCWE-79 7.1 High2025-10-22
CVE-2025-57947 WordPress Photo Gallery by Ays Plugin <= 6.3.8 - Cross Site Scripting (XSS) Vulnerability — Photo Gallery by AysCWE-79 6.5 Medium2025-09-22
CVE-2025-57954 WordPress Poll Maker Plugin <= 6.0.2 - Cross Site Scripting (XSS) Vulnerability — Poll MakerCWE-79 6.5 Medium2025-09-22
CVE-2025-58014 WordPress Quiz Maker Plugin <= 6.7.0.64 - Cross Site Request Forgery (CSRF) Vulnerability — Quiz MakerCWE-352 4.3 Medium2025-09-22
CVE-2025-58015 WordPress Quiz Maker Plugin <= 6.7.0.65 - Sensitive Data Exposure Vulnerability — Quiz MakerCWE-497 5.3 Medium2025-09-22
CVE-2025-54673 WordPress Chartify plugin <= 3.5.3 - Cross Site Request Forgery (CSRF) vulnerability — ChartifyCWE-352 4.3 Medium2025-08-14
CVE-2025-47545 WordPress Poll Maker plugin <= 5.7.7 - Race Condition Vulnerability — Poll MakerCWE-362 5.3 Medium2025-05-07
CVE-2025-24577 WordPress Poll Maker plugin <= 5.5.0 - Broken Access Control vulnerability — Poll MakerCWE-862 6.5 Medium2025-04-17
CVE-2025-27285 WordPress Easy Form by AYS Plugin <= 2.6.9 - Reflected Cross Site Scripting (XSS) vulnerability — Easy FormCWE-79 7.1 High2025-04-17
CVE-2025-32275 WordPress Survey Maker plugin <= 5.1.6.3 - Bypass vulnerability — Survey MakerCWE-290 4.3 Medium2025-04-10
CVE-2025-32133 WordPress Secure Copy Content Protection and Content Locking plugin <= 4.5.5 - Cross Site Scripting (XSS) vulnerability — Secure Copy Content Protection and Content LockingCWE-79 5.9 Medium2025-04-04

This page lists every published CVE security advisory associated with Ays Pro. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.