Browse all 3 CVE security advisories affecting Glowlogix. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Glowlogix develops API security solutions for enterprises, focusing on protecting web services and microservices architectures. Historically, their products have been associated with remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and access control flaws. The company has recorded three CVEs, including critical RCE issues in their API gateways that could allow attackers to execute arbitrary code with system privileges. While no major public security incidents have been documented, their vulnerability history suggests consistent challenges in secure coding practices, particularly around authentication mechanisms and secure default configurations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-39688 | WordPress WP Frontend Profile plugin <= 1.3.9 - Broken Access Control vulnerability — WP Frontend ProfileCWE-862 | 5.3 | Medium | 2026-04-08 |
| CVE-2026-1644 | WP Frontend Profile <= 1.3.8 - Cross-Site Request Forgery to Unauthorized User Account Approval or Rejection — WP Frontend ProfileCWE-352 | 4.3 | Medium | 2026-03-06 |
| CVE-2023-51483 | WordPress WP Frontend Profile plugin <= 1.3.1 - Unauthenticated Privilege Escalation vulnerability — WP Frontend ProfileCWE-269 | 9.8 | Critical | 2024-05-17 |
This page lists every published CVE security advisory associated with Glowlogix. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.