Browse all 3 CVE security advisories affecting Justin Tadlock. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Justin Tadlock is a WordPress developer whose core work focuses on creating themes and plugins for the platform. Historically, his code has been associated with vulnerabilities including cross-site scripting (XSS) and remote code execution (RCE), primarily stemming from insufficient input validation and improper sanitization. Security researchers have identified multiple instances where his plugins allowed unauthorized access or data exposure due to these weaknesses. While no major public incidents have been directly linked to his work, the three CVEs recorded highlight recurring patterns in security oversight, emphasizing the need for stricter coding practices in WordPress extension development.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-62905 | WordPress Query Posts plugin <= 0.3.2 - Cross Site Scripting (XSS) vulnerability — Query PostsCWE-79 | 6.5 | Medium | 2025-10-27 |
This page lists every published CVE security advisory associated with Justin Tadlock. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.