Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Bowo — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting Bowo. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Bowo is primarily used for content management and web application development, serving as a lightweight PHP framework for building dynamic websites. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting (XSS), and privilege escalation flaws, with 12 CVEs documented to date. The framework's modular architecture has introduced security risks through improper input validation and insufficient access controls. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests developers should implement strict input sanitization and security hardening when deploying Bowo-based applications.

Top products by Bowo: Debug Log Manager Admin and Site Enhancements (ASE) Variable Inspector System Dashboard
CVE IDTitleCVSSSeverityPublished
CVE-2026-32423 WordPress Admin and Site Enhancements (ASE) plugin <= 8.4.0 - Broken Access Control vulnerability — Admin and Site Enhancements (ASE)CWE-862 5.4 Medium2026-03-13
CVE-2025-64255 WordPress Admin and Site Enhancements (ASE) plugin <= 8.0.8 - Broken Access Control vulnerability — Admin and Site Enhancements (ASE)CWE-862 2.7 Low2025-12-09
CVE-2025-32613 WordPress Debug Log Manager plugin <= 2.3.4 - Cross Site Scripting (XSS) vulnerability — Debug Log ManagerCWE-79 7.1 High2025-04-17
CVE-2025-32229 WordPress Variable Inspector plugin <= 2.6.3 - Broken Access Control vulnerability — Variable InspectorCWE-862 4.3 Medium2025-04-04
CVE-2025-26914 WordPress Variable Inspector plugin <= 2.6.2 - Reflected Cross Site Scripting (XSS) vulnerability — Variable InspectorCWE-79 7.1 High2025-03-03
CVE-2025-26911 WordPress System Dashboard plugin <= 2.8.18 - Sensitive Data Exposure vulnerability — System DashboardCWE-497 4.3 Medium2025-02-25
CVE-2025-24648 WordPress Admin and Site Enhancements (ASE) Plugin <= 7.6.2.1 - Privilege Escalation vulnerability — Admin and Site Enhancements (ASE)CWE-266 7.5 High2025-02-04
CVE-2025-24649 WordPress Admin and Site Enhancements (ASE) Plugin <= 7.6.2 - Broken Access Control vulnerability — Admin and Site Enhancements (ASE)CWE-862 4.3 Medium2025-01-24
CVE-2024-35669 WordPress Debug Log Manager plugin <= 2.3.1 - Broken Access Control vulnerability — Debug Log ManagerCWE-862 4.3 Medium2024-06-09
CVE-2024-33915 WordPress Debug Log Manager plugin <= 2.3.1 - Broken Access Control vulnerability — Debug Log ManagerCWE-862 4.3 Medium2024-05-03
CVE-2024-32582 WordPress Debug Log Manager plugin <= 2.3.1 - Cross Site Scripting (XSS) vulnerability — Debug Log ManagerCWE-79 7.1 High2024-04-18
CVE-2023-6136 WordPress Debug Log Manager Plugin <= 2.3.0 is vulnerable to Sensitive Data Exposure — Debug Log ManagerCWE-200 5.3 Medium2023-11-30

This page lists every published CVE security advisory associated with Bowo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.