Browse all 5 CVE security advisories affecting Gesundheit Bewegt GmbH. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Gesundheit Bewegt GmbH develops workplace wellness software focused on employee health management and engagement. Historically, their applications have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and access control flaws. The company maintains five CVE records, primarily reflecting issues in their web-based platforms where user-supplied data wasn't properly sanitized. While no major public security incidents have been documented, their vulnerability history suggests a pattern of security weaknesses in client-side components and authentication mechanisms that could potentially lead to unauthorized access or system compromise.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-52758 | WordPress Zippy plugin <= 1.7.0 - Arbitrary File Upload vulnerability — ZippyCWE-434 | 9.1 | Critical | 2025-10-22 |
| CVE-2023-34381 | WordPress Zippy plugin <= 1.6.2 - Broken Access Control vulnerability — ZippyCWE-862 | 5.3 | Medium | 2024-12-13 |
| CVE-2024-27964 | WordPress Zippy plugin <= 1.6.9 - Arbitrary File Upload vulnerability — ZippyCWE-434 | 8.8 | High | 2024-03-21 |
| CVE-2023-36381 | WordPress Zippy Plugin <= 1.6.5 is vulnerable to PHP Object Injection — ZippyCWE-502 | 6.6 | Medium | 2023-12-28 |
| CVE-2023-26533 | WordPress Zippy Plugin <= 1.6.1 is vulnerable to Sensitive Data Exposure — ZippyCWE-200 | 6.5 | Medium | 2023-11-30 |
This page lists every published CVE security advisory associated with Gesundheit Bewegt GmbH. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.