Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CodeRevolution — Vulnerabilities & Security Advisories 16

Browse all 16 CVE security advisories affecting CodeRevolution. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CodeRevolution develops enterprise software for application lifecycle management, with a core use case of streamlining code development and deployment processes. Historically, the organization's products have been susceptible to multiple remote code execution, cross-site scripting, and privilege escalation vulnerabilities, accounting for the majority of its 16 recorded CVEs. While no major public security incidents have been documented, the consistent pattern of authentication bypass and input validation flaws suggests systemic security challenges in their development practices. The company's vulnerabilities often stem from insufficient sanitization of user inputs and inadequate access controls, requiring ongoing remediation efforts to maintain secure deployment environments.

Top products by CodeRevolution: Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit WP Pocket URLs Echo RSS Feed Post Generator Crawlomatic Multisite Scraper Post Generator WP Setup Wizard Demo My WordPress Aiomatic Crawlomatic Multipage Scraper Post Generator Echo RSS Feed Post Generator Plugin for WordPress Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit
CVE IDTitleCVSSSeverityPublished
CVE-2026-4038 Aimogen Pro <= 2.7.5 - Unauthenticated Privilege Escalation via Arbitrary Function Call — Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation ToolkitCWE-862 9.8 Critical2026-03-20
CVE-2025-6206 Aiomatic - AI Content Writer, Editor, ChatBot & AI Toolkit <= 2.5.0 - Authenticated (Subscriber+) Arbitrary File Upload — Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI ToolkitCWE-434 7.5 High2025-06-24
CVE-2025-49312 WordPress Echo RSS Feed Post Generator Plugin for WordPress plugin <= 5.4.8.1 - Reflected Cross Site Scripting (XSS) vulnerability — Echo RSS Feed Post Generator Plugin for WordPressCWE-79 7.1 High2025-06-17
CVE-2025-49293 WordPress Crawlomatic Multisite Scraper Post Generator plugin <= 2.6.8.2 - Broken Access Control Vulnerability — Crawlomatic Multisite Scraper Post GeneratorCWE-862 4.3 Medium2025-06-06
CVE-2025-49294 WordPress Crawlomatic Multisite Scraper Post Generator plugin <= 2.6.8.2 - Sensitive Data Exposure via Log Exposure vulnerability — Crawlomatic Multisite Scraper Post GeneratorCWE-201 5.3 Medium2025-06-06
CVE-2025-4391 Echo RSS Feed Post Generator <= 5.4.8.1 - Unauthenticated Arbitrary File Upload — Echo RSS Feed Post GeneratorCWE-434 9.8 Critical2025-05-17
CVE-2025-4389 Crawlomatic Multipage Scraper Post Generator <= 2.6.8.1 - Unauthenticated Arbitrary File Upload — Crawlomatic Multipage Scraper Post GeneratorCWE-434 9.8 Critical2025-05-17
CVE-2024-13882 Aiomatic - AI Content Writer, Editor, ChatBot & AI Toolkit <= 2.3.8 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Upload — Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI ToolkitCWE-434 8.8 High2025-03-08
CVE-2024-13816 Aiomatic - AI Content Writer, Editor, ChatBot & AI Toolkit <= 2.3.6 - Missing Authorization to Authenticated (Subscriber+) Multiple Administrator Actions — Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI ToolkitCWE-862 5.4 Medium2025-03-08
CVE-2024-51681 WordPress WP Pocket URLs plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability — WP Pocket URLsCWE-79 6.5 Medium2024-11-04
CVE-2024-9265 Echo RSS Feed Post Generator <= 5.4.6 - Unauthenticated Privilege Escalation — Echo RSS Feed Post GeneratorCWE-269 9.8 Critical2024-10-01
CVE-2024-5969 AIomatic - Automatic AI Content Writer <= 2.0.5 - Unauthenticated Arbitrary Email Sending — Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI ToolkitCWE-20 5.8 Medium2024-07-27
CVE-2024-34435 WordPress Aiomatic plugin <= 1.9.3 - Broken Access Control vulnerability — AiomaticCWE-862 4.3 Medium2024-06-09
CVE-2024-31290 WordPress Demo My WordPress plugin <= 1.0.9.1 - Unauthenticated Privilege Escalation vulnerability — Demo My WordPressCWE-269 9.8 Critical2024-05-17
CVE-2024-25917 WordPress WP Setup Wizard plugin <= 1.0.8.1 - Auth. Full Database Download Vulnerability — WP Setup WizardCWE-200 8.8 High2024-04-25
CVE-2023-49176 WordPress WP Pocket URLs Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS) — WP Pocket URLsCWE-79 7.1 High2023-12-15

This page lists every published CVE security advisory associated with CodeRevolution. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.