Browse all 6 CVE security advisories affecting DevriX. AI-powered Chinese analysis, POCs, and references for each vulnerability.
DevriX specializes in WordPress development and maintenance, serving clients requiring secure custom plugin and theme solutions. Historically, their code has been associated with multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues, contributing to six recorded CVEs. While no major public security incidents have been documented, their vulnerability pattern suggests consistent exposure to authentication bypasses and insufficient input sanitization. The organization's security posture appears reactive rather than preventive, with remediation typically occurring post-disclosure rather than through proactive security testing. Their codebase remains a study in common WordPress security pitfalls, emphasizing the need for rigorous security reviews in custom development environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-4766 | Easy Image Gallery <= 1.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Shortcode Post Meta — Easy Image GalleryCWE-79 | 6.4 | Medium | 2026-03-25 |
This page lists every published CVE security advisory associated with DevriX. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.