Browse all 15 CVE security advisories affecting KaizenCoders. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Kaizencoders develops WordPress and WooCommerce plugins for e-commerce and website functionality, with 15 CVEs recorded primarily involving RCE, XSS, and privilege escalation vulnerabilities. Their plugins often contain insufficient input validation and improper access controls, leading to authenticated and unauthenticated exploits. Notable incidents include multiple critical flaws allowing complete site compromise through file uploads and nonce bypasses. Security researchers have consistently identified similar patterns across their products, indicating systemic issues in secure coding practices. Their plugins remain attractive targets due to widespread installation in vulnerable e-commerce environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-47225 | WordPress Short URL plugin <= 1.6.8 - Broken Access Control vulnerability — Short URLCWE-862 | 5.4 | Medium | 2025-01-02 |
| CVE-2023-1604 | Short URL <= 1.6.8 - Cross-Site Request Forgery via configuration_page — Short URLCWE-352 | 4.7 | Medium | 2024-08-17 |
| CVE-2024-32138 | WordPress Short URL plugin <= 1.6.8 - Cross Site Scripting (XSS) vulnerability — Short URLCWE-79 | 7.1 | High | 2024-04-15 |
| CVE-2022-46860 | WordPress Short URL Plugin <= 1.6.4 is vulnerable to SQL Injection — Short URLCWE-89 | 8.5 | High | 2023-11-06 |
| CVE-2023-45058 | WordPress Short URL Plugin <= 1.6.8 is vulnerable to Cross Site Request Forgery (CSRF) — Short URLCWE-352 | 4.3 | Medium | 2023-10-12 |
| CVE-2023-1602 | WordPress plugin Short URL 跨站脚本漏洞 — Short URL | 4.4 | Medium | 2023-06-29 |
This page lists every published CVE security advisory associated with KaizenCoders. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.