Browse all 8 CVE security advisories affecting Laborator. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Laborator develops security testing tools, primarily focusing on web application vulnerability assessment. Historically, their products have been associated with multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues. Security researchers have identified these weaknesses in their scanning engines and report generation modules. While no major public security incidents have been documented, the consistent appearance of multiple CVEs across different versions suggests potential challenges in secure development practices. The vulnerabilities typically stem from improper input validation and insufficient access controls in their assessment tools.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-53349 | WordPress Kalium Theme <= 3.18.3 - Cross Site Scripting (XSS) Vulnerability — Kalium, CWE-79 | 7.1 | High | 2025-11-06 |
| CVE-2025-49926 | WordPress Kalium theme <= 3.25 - Arbitrary Code Execution vulnerability — Kalium, CWE-94 | 7.2 | High | 2025-10-22 |
| CVE-2025-53348 | WordPress Kalium Theme <= 3.18.3 - Broken Access Control Vulnerability — Kalium, CWE-862 | 5.3 | Medium | 2025-09-09 |
| CVE-2025-53347 | WordPress Kalium Theme <= 3.18.3 - Cross Site Request Forgery (CSRF) Vulnerability — Kalium, CWE-352 | 4.3 | Medium | 2025-08-14 |
This page lists every published CVE security advisory associated with Laborator. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.