Browse all 4 CVE security advisories affecting LCWeb. AI-powered Chinese analysis, POCs, and references for each vulnerability.
LCWeb develops web-based software solutions for enterprise content management and collaboration platforms. Historically, the application has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its four recorded CVEs. The platform's security posture has been characterized by inconsistent input validation and insufficient access controls in administrative functions. While no major public security incidents have been documented, the consistent pattern of vulnerabilities across different versions suggests potential weaknesses in secure development practices. Organizations implementing LCWeb should prioritize timely patching and conduct thorough security assessments to mitigate identified risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-52721 | WordPress Global Gallery Plugin <= 9.2.3 - Broken Access Control Vulnerability — Global GalleryCWE-862 | 6.5 | Medium | 2025-08-14 |
| CVE-2025-47627 | WordPress PrivateContent - Mail Actions plugin <= 2.3.2 - Local File Inclusion vulnerability — PrivateContent - Mail ActionsCWE-98 | 7.5 | High | 2025-07-04 |
| CVE-2024-13814 | Global Gallery - WordPress Responsive Gallery <= 9.1.5 - Authenticated (Subscriber+) Arbitrary Shortcode Execution — Global Gallery - WordPress Responsive GalleryCWE-94 | 5.4 | Medium | 2025-02-12 |
| CVE-2023-0581 | PrivateContent <= 8.4.3 - Protection Mechanism Bypass — PrivateContentCWE-602 | 5.3 | Medium | 2023-01-30 |
This page lists every published CVE security advisory associated with LCWeb. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.