Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CodePeople — Vulnerabilities & Security Advisories 70

Browse all 70 CVE security advisories affecting CodePeople. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Codepeople operates as a provider of enterprise software solutions, primarily focusing on human resources and payroll management systems. Historical security audits reveal a significant volume of vulnerabilities, with seventy CVEs currently on record, indicating persistent weaknesses in their development lifecycle. The most prevalent flaw classes include remote code execution and cross-site scripting, which often stem from inadequate input validation and improper session management. Additionally, privilege escalation vulnerabilities have been frequently exploited, allowing unauthorized users to access sensitive administrative functions. These issues suggest a lack of rigorous security testing during the software development phase. While no single catastrophic data breach has been widely publicized as a direct result of these specific CVEs, the high count of critical and high-severity findings poses a substantial risk to client data integrity. Organizations relying on these platforms must prioritize patching and implement strict access controls to mitigate the identified risks effectively.

Found 7 results / 70Clear Filters
Top products by CodePeople: Calculated Fields Form WP Time Slots Booking Form Contact Form Email Booking Calendar Contact Form CP Multi View Event Calendar Appointment Hour Booking – Booking Calendar CP Polls Appointment Booking Calendar CP Contact Form with PayPal Form Builder CP Appointment Hour Booking Payment Form for PayPal Pro Music Player for WooCommerce Sell Downloads cp-polls Plugin Music Store CP Image Store with Slideshow Music Store - WordPress eCommerce Search in Place CP Media Player Google Maps CP CP Blocks Appointment Booking Calendar (WordPress plugin) Appointment Hour Booking (WordPress plugin) Corner Ad
CVE IDTitleCVSSSeverityPublished
CVE-2026-32483 WordPress Contact Form Email plugin <= 1.3.63 - Broken Access Control vulnerability — Contact Form EmailCWE-862 6.5 Medium2026-03-25
CVE-2025-10019 WordPress Contact Form Email plugin <= 1.3.60 - Insecure Direct Object References (IDOR) vulnerability — Contact Form EmailCWE-639 6.5 Medium2025-12-18
CVE-2025-64369 WordPress Contact Form Email plugin <= 1.3.58 - Broken Access Control vulnerability — Contact Form EmailCWE-862 6.5 Medium2025-11-13
CVE-2025-24727 WordPress Contact Form to Email Plugin <= 1.3.52 - Cross Site Scripting (XSS) vulnerability — Contact Form EmailCWE-79 5.9 Medium2025-01-24
CVE-2023-48318 WordPress Contact Form Email plugin <= 1.3.41 - Captcha Bypass vulnerability — Contact Form EmailCWE-307 5.3 Medium2024-06-04
CVE-2023-28494 WordPress Contact Form Email plugin <= 1.3.31 - Missing Authorization Leading To Feedback Submission Vulnerability — Contact Form EmailCWE-862 4.3 Medium2024-06-04
CVE-2024-31302 WordPress Contact Form Email plugin <= 1.3.44 - Sensitive Data Exposure vulnerability — Contact Form EmailCWE-200 5.3 Medium2024-04-10

This page lists every published CVE security advisory associated with CodePeople. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.