Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Kiboko Labs — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting Kiboko Labs. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Kiboko Labs develops open-source API testing tools, primarily for REST and GraphQL services. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and insecure deserialization. The organization has addressed 11 CVEs to date, with several critical issues allowing attackers to execute arbitrary code or bypass authentication. While no major public security incidents have been documented, their vulnerability history suggests a pattern of insecure default configurations and insufficient sanitization in API handling components.

Top products by Kiboko Labs: Arigato Autoresponder and Newsletter Chained Quiz Watu Quiz Namaste! LMS
CVE IDTitleCVSSSeverityPublished
CVE-2024-37921 WordPress Chained Quiz plugin <= 1.3.2.8 - Broken Access Control vulnerability — Chained QuizCWE-862 5.3 Medium2024-11-01
CVE-2024-37446 WordPress Chained Quiz plugin <= 1.3.2.8 - Cross Site Scripting (XSS) vulnerability — Chained QuizCWE-79 5.9 Medium2024-07-21
CVE-2024-34823 WordPress Arigato Autoresponder and Newsletter plugin <= 2.7.2.3 - Cross Site Request Forgery (CSRF) vulnerability — Arigato Autoresponder and NewsletterCWE-352 4.3 Medium2024-05-10
CVE-2023-47686 WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.2.2 is vulnerable to Cross Site Request Forgery (CSRF) — Arigato Autoresponder and NewsletterCWE-352 4.3 Medium2023-11-16
CVE-2023-30483 WordPress Watu Quiz Plugin <= 3.3.9.2 is vulnerable to Cross Site Scripting (XSS) — Watu QuizCWE-79 7.1 High2023-08-14
CVE-2023-25020 WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.1.1 is vulnerable to Cross Site Scripting (XSS) — Arigato Autoresponder and NewsletterCWE-79 7.1 High2023-04-07
CVE-2023-25031 WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.1 is vulnerable to Cross Site Scripting (XSS) — Arigato Autoresponder and NewsletterCWE-79 5.9 Medium2023-04-07
CVE-2023-25027 WordPress Chained Quiz Plugin <= 1.3.2.5 is vulnerable to Cross Site Scripting (XSS) — Chained QuizCWE-79 5.9 Medium2023-04-07
CVE-2023-25022 WordPress Watu Quiz Plugin <= 3.3.8 is vulnerable to Cross Site Scripting (XSS) — Watu QuizCWE-79 5.9 Medium2023-04-07
CVE-2023-25061 WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.1.1 is vulnerable to Cross Site Scripting (XSS) — Arigato Autoresponder and NewsletterCWE-79 6.5 Medium2023-04-07
CVE-2023-24383 WordPress Namaste! LMS Plugin <= 2.5.9.1 is vulnerable to Cross Site Scripting (XSS) — Namaste! LMSCWE-79 5.9 Medium2023-04-06

This page lists every published CVE security advisory associated with Kiboko Labs. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.