Browse all 5 CVE security advisories affecting EverPress. AI-powered Chinese analysis, POCs, and references for each vulnerability.
EverPress is a content management system designed for creating and managing websites, particularly focused on publishing and editorial workflows. Historically, the platform has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues, as evidenced by its five recorded CVEs. Security researchers have identified input validation weaknesses and improper access controls as recurring problems. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for unpatched installations, particularly those handling sensitive content or user data.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-64203 | WordPress Mailster plugin < 4.1.14 - Cross Site Scripting (XSS) vulnerability — MailsterCWE-79 | 7.1 | High | 2025-12-18 |
| CVE-2025-39408 | WordPress BruteGuard – Brute Force Login Protection plugin <= 0.1.4 - Reflected Cross Site Scripting (XSS) vulnerability — BruteGuard – Brute Force Login ProtectionCWE-79 | 7.1 | High | 2025-04-24 |
| CVE-2024-37433 | WordPress Mailster plugin <= 4.0.9 - Reflected Cross Site Scripting (XSS) vulnerability — MailsterCWE-79 | 7.1 | High | 2024-07-22 |
| CVE-2024-32523 | WordPress Mailster plugin <= 4.0.6 - Unauthenticated Local File Inclusion vulnerability — MailsterCWE-98 | 8.1 | High | 2024-05-17 |
| CVE-2024-30503 | WordPress Mailster plugin <= 4.0.6 - Reflected Cross Site Scripting (XSS) vulnerability — MailsterCWE-79 | 7.1 | High | 2024-03-29 |
This page lists every published CVE security advisory associated with EverPress. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.