Browse all 3 CVE security advisories affecting JS Morisset. AI-powered Chinese analysis, POCs, and references for each vulnerability.
JS Morisset develops security research tools focused on web application vulnerability detection. Their work primarily addresses common web flaws, with three CVEs recorded covering cross-site scripting (XSS) and remote code execution (RCE) vulnerabilities. The researcher typically targets client-side security issues in browser extensions and web applications, with a particular emphasis on input validation flaws. While no major public security incidents are directly attributed to this researcher, their CVE contributions highlight persistent challenges in web security, particularly around improper sanitization of user inputs and insecure direct object references. Their findings consistently demonstrate the ongoing risks in client-side security implementations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-58653 | WordPress JSM file_get_contents() Shortcode Plugin <= 2.7.1 - Cross Site Scripting (XSS) Vulnerability — JSM file_get_contents() ShortcodeCWE-79 | 6.5 | Medium | 2025-09-22 |
| CVE-2025-24589 | WordPress JSM Show Post Metadata plugin <= 4.6.0 - Broken Access Control vulnerability — JSM Show Post MetadataCWE-862 | 4.3 | Medium | 2025-01-24 |
| CVE-2024-56243 | WordPress WPSSO Core plugin <= 18.18.1 - Broken Access Control vulnerability — WPSSO CoreCWE-862 | 4.3 | Medium | 2025-01-02 |
This page lists every published CVE security advisory associated with JS Morisset. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.