BracketSpace develops WordPress plugins and themes, primarily for event management and social networking functionality. Their products have historically been vulnerable to cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, often stemming from insufficient input validation and improper access controls. While no major public security incidents have been documented, the four CVEs associated with their codebase highlight recurring security gaps in sanitization and authentication mechanisms. Their plugins' broad installation base increases potential impact, making regular security updates critical for users. The company maintains a moderate security posture but continues to address vulnerabilities through patch releases.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-43154 | WordPress Advanced Cron Manager – debug & control plugin <= 2.5.9 - Broken Access Control vulnerability — Advanced Cron Manager – debug & control (CWE-862) | 4.3 | Medium | 2024-11-01 |
| CVE-2024-37562 | WordPress Simple Post Notes plugin <= 1.7.7 - Cross Site Scripting (XSS) vulnerability — Simple Post Notes (CWE-79) | 5.9 | Medium | 2024-07-20 |
| CVE-2024-31926 | WordPress Advanced Cron Manager – debug & control plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability — Advanced Cron Manager – debug & control (CWE-79) | 5.9 | Medium | 2024-04-11 |
| CVE-2024-31935 | WordPress Simple Post Notes plugin <= 1.7.6 - Cross Site Request Forgery (CSRF) vulnerability — Simple Post Notes (CWE-352) | 4.3 | Medium | 2024-04-11 |
This page lists every published CVE security advisory associated with BracketSpace. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.