Browse all 3 CVE security advisories affecting Labs64. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Labs64 develops security testing tools and vulnerability research platforms, primarily serving penetration testers and security researchers. Their products have historically been associated with remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from input validation flaws and insecure default configurations. While no major public security incidents have been documented, Labs64's three recorded CVEs highlight consistent but moderate security risks in their software. Their tools remain valuable for security professionals despite these vulnerabilities, which typically require authenticated access or specific conditions to exploit. The company maintains a moderate security posture with room for improvement in secure coding practices.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-54291 | WordPress PluginPass plugin <= 0.9.10 - Arbitrary File Download/Delete vulnerability — PluginPass (CWE-22) | 8.6 | High | 2025-03-28 |
| CVE-2024-52378 | WordPress DigiPass plugin <= 0.3.0 - Arbitrary File Download vulnerability — DigiPass (CWE-22) | 7.5 | High | 2024-11-14 |
| CVE-2023-49152 | WordPress Credit Tracker Plugin <= 1.1.17 is vulnerable to Cross Site Scripting (XSS) — Credit Tracker (CWE-79) | 6.5 | Medium | 2023-12-14 |

This page lists every published CVE security advisory associated with Labs64. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.