Browse all 4 CVE security advisories affecting Israpil. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Israpil is primarily used for remote administration and system monitoring across enterprise environments. Historically, it has been associated with multiple critical vulnerabilities including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws. The software's architecture often exposes authentication bypass risks and insecure default configurations. Notable security incidents include exploitation of its web interface vulnerabilities leading to unauthorized system access, with four CVEs documenting these weaknesses. Its deployment in sensitive environments has made it a target for attackers seeking lateral movement capabilities. The software's complex permission model has frequently contributed to privilege-related vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-32331 | WordPress Textmetrics plugin <= 3.6.4 - Broken Access Control vulnerability — TextmetricsCWE-862 | 5.4 | Medium | 2026-03-13 |
| CVE-2026-24564 | WordPress Textmetrics plugin <= 3.6.5 - Content Injection vulnerability — TextmetricsCWE-80 | 4.3 | Medium | 2026-01-23 |
| CVE-2025-46229 | WordPress Textmetrics plugin <= 3.6.2 - Cross Site Scripting (XSS) Vulnerability — TextmetricsCWE-79 | 5.9 | Medium | 2025-04-22 |
| CVE-2025-30824 | WordPress Textmetrics plugin <= 3.6.1 - Broken Access Control vulnerability — TextmetricsCWE-862 | 5.4 | Medium | 2025-03-27 |
This page lists every published CVE security advisory associated with Israpil. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.