Browse all 4 CVE security advisories affecting Eli. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Eli is primarily used for web application development and testing, with a core focus on dynamic content rendering. Historically, Eli has been associated with vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, particularly in versions prior to 2.0. The application's complex plugin architecture has frequently introduced security gaps. Notable characteristics include its extensive use of client-side JavaScript and server-side templating engines, which have contributed to past security incidents. Eli's CVE record shows a pattern of input validation failures and insecure default configurations, though recent versions have improved security posture through enhanced sandboxing and regular security audits.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-30788 | WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.25.08 - CSRF to SQL Injection vulnerability — EZ SQL Reports Shortcode Widget and DB BackupCWE-352 | 8.2 | High | 2025-03-27 |
| CVE-2025-30787 | WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.25.08 - CSRF to Stored XSS vulnerability — EZ SQL Reports Shortcode Widget and DB BackupCWE-352 | 7.1 | High | 2025-03-27 |
| CVE-2025-26887 | WordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.21.35 - Cross Site Scripting (XSS) vulnerability — EZ SQL Reports Shortcode Widget and DB BackupCWE-79 | 6.5 | Medium | 2025-02-25 |
This page lists every published CVE security advisory associated with Eli. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.