Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Ays Pro — Vulnerabilities & Security Advisories 53

Browse all 53 CVE security advisories affecting Ays Pro. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Ays Pro functions as an automated testing platform designed to streamline software quality assurance and deployment workflows. Its architecture, which integrates with various CI/CD pipelines, has historically exposed it to significant security risks, resulting in fifty-three recorded Common Vulnerabilities and Exposures. The most prevalent vulnerability classes affecting the software include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and privilege escalation flaws, often stemming from insufficient input validation and improper access controls within its administrative interfaces. These defects have allowed attackers to potentially gain unauthorized system access or manipulate application behavior. While the platform aims to enhance development efficiency, its complex integration points have created attack vectors that require rigorous patch management. Recent security audits highlight the necessity for strict configuration hardening to mitigate these inherent risks associated with its automated execution capabilities.

Top products by Ays Pro: Poll Maker Survey Maker Quiz Maker Secure Copy Content Protection and Content Locking Chartify Popup box FAQ Builder AYS Easy Form Image Slider by Ays AI ChatBot with ChatGPT and Content Generator by AYS Fox LMS Popup Like box Advanced Related Posts Photo Gallery by Ays Image Slider by Ays- Responsive Slider and Carousel Photo Gallery by Ays – Responsive Image Gallery Popup Like box – Page Plugin Portfolio Responsive Gallery
CVE IDTitleCVSSSeverityPublished
CVE-2025-30905 WordPress Secure Copy Content Protection and Content Locking plugin <= 4.4.3 - Cross Site Scripting (XSS) vulnerability — Secure Copy Content Protection and Content LockingCWE-79 7.1 High2025-04-01
CVE-2025-30774 WordPress Quiz Maker plugin <= 6.6.8.7 - SQL Injection vulnerability — Quiz MakerCWE-89 8.2 High2025-04-01
CVE-2025-30904 WordPress Chartify plugin <= 3.1.7 - Cross Site Scripting (XSS) vulnerability — ChartifyCWE-79 5.9 Medium2025-03-27
CVE-2025-26971 WordPress Poll Maker <= 5.6.5 - SQL Injection vulnerability — Poll MakerCWE-89 7.6 High2025-02-25
CVE-2025-22664 WordPress Survey Maker Plugin <= 5.1.3.5 - Cross Site Scripting (XSS) vulnerability — Survey MakerCWE-79 5.9 Medium2025-02-04
CVE-2025-24722 WordPress FAQ Builder AYS Plugin <= 1.7.3 - Cross Site Scripting (XSS) vulnerability — FAQ Builder AYSCWE-79 5.9 Medium2025-01-24
CVE-2024-56277 WordPress Poll Maker Plugin < 5.5.5 - HTML Injection vulnerability — Poll MakerCWE-116 5.3 Medium2025-01-21
CVE-2024-56295 WordPress Poll Maker plugin <= 5.5.6 - Broken Access Control vulnerability — Poll MakerCWE-862 6.5 Medium2025-01-15
CVE-2023-45766 WordPress Poll Maker plugin <= 4.7.1 - Broken Access Control vulnerability — Poll MakerCWE-862 5.3 Medium2025-01-02
CVE-2023-50904 WordPress Poll Maker plugin <= 4.8.0 - Broken Access Control vulnerability — Poll MakerCWE-862 5.3 Medium2024-12-09
CVE-2024-50426 WordPress Survey Maker plugin <= 5.0.2 - Cross Site Scripting (XSS) vulnerability — Survey MakerCWE-79 5.9 Medium2024-10-29
CVE-2024-47306 WordPress Secure Copy Content Protection and Content Locking plugin <= 4.2.3 - Cross Site Scripting (XSS) vulnerability — Secure Copy Content Protection and Content LockingCWE-79 7.1 High2024-10-06
CVE-2024-47347 WordPress Chartify plugin <= 2.7.6 - Reflected Cross Site Scripting (XSS) vulnerability — ChartifyCWE-79 7.1 High2024-10-06
CVE-2021-24484 Secure Copy Content Protection and Content Locking < 2.6.7 - Authenticated Blind SQL Injections — Secure Copy Content Protection and Content LockingCWE-89 7.2 -2021-08-02
CVE-2021-24483 Poll Maker < 3.2.1 - Authenticated Blind SQL Injections — Poll MakerCWE-89 7.2 -2021-08-02
CVE-2021-24463 Image Slider by Ays - Responsive Slider and Carousel < 2.5.0 - Authenticated Blind SQL Injection — Image Slider by Ays- Responsive Slider and CarouselCWE-89 8.8 -2021-08-02
CVE-2021-24462 Photo Gallery by Ays - Responsive Image Gallery < 4.4.4 - Authenticated Blind SQL Injections — Photo Gallery by Ays – Responsive Image GalleryCWE-89 8.8 -2021-08-02
CVE-2021-24461 FAQ Builder < 1.3.6 - Authenticated Blind SQL Injections — FAQ Builder AYSCWE-89 8.8 -2021-08-02
CVE-2021-24460 Popup Like box - Page Plugin < 3.5.3 - Authenticated Blind SQL Injections — Popup Like box – Page PluginCWE-89 8.8 -2021-08-02
CVE-2021-24459 Survey Maker < 1.5.6 - Authenticated Blind SQL Injections — Survey MakerCWE-89 8.8 -2021-08-02
CVE-2021-24458 Popup box < 2.3.4 - Authenticated Blind SQL Injections — Popup boxCWE-89 8.8 -2021-08-02
CVE-2021-24457 Portfolio Responsive Gallery < 1.1.8 - Authenticated Blind SQL Injections — Portfolio Responsive GalleryCWE-89 8.8 -2021-08-02
CVE-2021-24456 Quiz Maker < 6.2.0.9 - Multiple Authenticated Blind SQL Injections — Quiz MakerCWE-89 7.2 -2021-08-02

This page lists every published CVE security advisory associated with Ays Pro. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.