Browse all 3 CVE security advisories affecting Gora Tech LLC. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Gora Tech LLC develops enterprise software solutions for supply chain management, with its core use case facilitating automated inventory tracking and vendor coordination. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and access control flaws. The company has three CVEs on record, including one critical RCE flaw in their API endpoint that allowed unauthorized system compromise. While no major public incidents have been documented, their vulnerability history suggests a pattern of security gaps in web application components and authentication mechanisms, requiring enhanced secure coding practices and regular security assessments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-49290 | WordPress Cooked Pro plugin < 1.8.0 - Cross Site Request Forgery (CSRF) vulnerability — Cooked ProCWE-352 | 4.3 | Medium | 2024-10-20 |
| CVE-2024-49289 | WordPress Cooked Pro plugin < 1.8.0 - Cross Site Scripting (XSS) vulnerability — Cooked ProCWE-79 | 6.5 | Medium | 2024-10-17 |
| CVE-2024-49291 | WordPress Cooked Pro plugin < 1.8.0 - Unauthenticated Arbitrary File Upload vulnerability — Cooked ProCWE-434 | 10.0 | Critical | 2024-10-17 |
This page lists every published CVE security advisory associated with Gora Tech LLC. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.