Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

DearHive — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting DearHive. AI-powered Chinese analysis, POCs, and references for each vulnerability.

DearHive is a customer engagement platform designed to streamline communication between businesses and clients through centralized messaging and analytics. Historically, the platform has been susceptible to multiple remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities, often stemming from improper input validation and insecure API endpoints. Privilege escalation flaws have also been documented, allowing unauthorized access to sensitive customer data. While no major public security incidents have been reported, the eight CVEs on record indicate consistent security challenges, particularly in web application components and authentication mechanisms.

Top products by DearHive: Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer PDF Viewer & 3D PDF Flipbook – DearPDF DearFlip Social Media Share Buttons | MashShare
CVE IDTitleCVSSSeverityPublished
CVE-2026-2569 Dear Flipbook <= 2.4.20 - Authenticated (Auhtor+) Stored Cross-Site Scripting via PDF Page Labels — Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewerCWE-79 6.4 Medium2026-03-10
CVE-2025-5314 Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer <= 2.3.65 - DOM-Based Reflected Cross-Site Scripting via 'pdf-source' — Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewerCWE-79 6.1 Medium2025-07-01
CVE-2024-11830 Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer <= 2.3.52 - Authenticated (Contributor+) Stored Cross-Site Scripting — Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewerCWE-79 6.4 Medium2025-01-08
CVE-2025-22319 WordPress MashShare plugin <= 4.0.47 - Broken Access Control vulnerability — Social Media Share Buttons | MashShareCWE-862 4.3 Medium2025-01-07
CVE-2024-8717 PDF Flipbook, 3D Flipbook, PDF embed, PDF viewer – DearFlip <= 2.3.32 - Reflected Cross-Site Scripting — Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewerCWE-79 6.1 Medium2024-10-24
CVE-2024-29807 WordPress DearFlip plugin <= 2.2.26 - Cross Site Scripting (XSS) vulnerability — DearFlipCWE-79 6.5 Medium2024-03-27
CVE-2024-0895 PDF Flipbook, 3D Flipbook – DearFlip <= 2.2.26 - Authenticated (Contributor+) Stored Cross-Site Scripting — Dear Flipbook – PDF Flipbook, 3D Flipbook, PDF embed, PDF viewerCWE-79 5.4 Medium2024-02-03
CVE-2024-23505 WordPress PDF Viewer & 3D PDF Flipbook – DearPDF Plugin <= 2.0.38 is vulnerable to Cross Site Scripting (XSS) — PDF Viewer & 3D PDF Flipbook – DearPDFCWE-79 6.5 Medium2024-01-31

This page lists every published CVE security advisory associated with DearHive. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.