Browse all 4 CVE security advisories affecting Black and White. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Black and White is a network monitoring tool primarily used for traffic analysis and security auditing in enterprise environments. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls. The application's architecture has occasionally allowed authenticated users to execute unauthorized commands or bypass security restrictions. While no major public incidents have been widely documented, its consistent presence in vulnerability databases suggests ongoing security challenges that require regular patching and hardening to mitigate potential exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-32252 | WordPress WP Genealogy plugin <= 0.1.9 - Broken Access Control vulnerability — WP Genealogy – Your Family History WebsiteCWE-862 | 5.3 | Medium | 2025-04-04 |
| CVE-2025-25167 | WordPress BookPress – For Book Authors Plugin <= 1.2.7 - Broken Access Control vulnerability — BookPress – For Book AuthorsCWE-862 | 8.2 | High | 2025-02-07 |
| CVE-2025-25168 | WordPress BookPress – For Book Authors Plugin <= 1.2.7 - CSRF to Stored XSS vulnerability — BookPress – For Book AuthorsCWE-352 | 7.1 | High | 2025-02-07 |
| CVE-2024-51807 | WordPress AgendaPress plugin <= 1.0.8 - Stored Cross Site Scripting (XSS) vulnerability — AgendaPress – Easily Publish Meeting Agendas and Programs on WordPressCWE-79 | 6.5 | Medium | 2024-11-19 |
This page lists every published CVE security advisory associated with Black and White. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.