Browse all 6 CVE security advisories affecting Conversios. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Conversios operates as a customer engagement platform enabling personalized marketing automation and lead conversion for businesses. Historically, the product has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its six recorded CVEs. Notable security characteristics include insufficient input validation and inadequate access controls in its web interface. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests potential risks for organizations relying on the platform, particularly those with internet-exposed deployments requiring immediate patching and hardening measures.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-62925 | WordPress Conversios.io plugin <= 7.2.13 - Broken Access Control vulnerability — Conversios.ioCWE-862 | 5.4 | Medium | 2025-10-27 |
| CVE-2025-30909 | WordPress Conversios.io plugin <= 7.2.3 - Broken Access Control vulnerability — Conversios.ioCWE-862 | 4.3 | Medium | 2025-03-27 |
| CVE-2023-51357 | WordPress Track Google Analytics 4, Facebook Pixel & Conversions API via Google Tag Manager for WooCommerce plugin <= 6.5.0 - Broken Access Control vulnerability — Conversios.ioCWE-862 | 5.3 | Medium | 2024-12-09 |
| CVE-2024-29794 | WordPress Conversios.io plugin <= 6.9.1 - Reflected Cross Site Scripting (XSS) vulnerability — Conversios.ioCWE-79 | 7.1 | High | 2024-03-27 |
This page lists every published CVE security advisory associated with Conversios. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.