Browse all 3 CVE security advisories affecting Lenderd. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Lenderd is a financial services platform primarily facilitating lending operations between institutions and borrowers. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from inadequate input validation and misconfigured access controls. The platform's security posture has been marked by inconsistent patch management, with three CVEs documented to date. While no major public breaches have been reported, the recurring nature of these vulnerabilities suggests potential systemic weaknesses in their security development lifecycle. Organizations utilizing Lenderd should implement additional compensating controls and maintain rigorous monitoring to mitigate risks associated with these historical vulnerability patterns.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-45368 | WordPress 1003 Mortgage Application plugin <= 1.75 - Local File Inclusion — 1003 Mortgage ApplicationCWE-22 | 7.7 | High | 2024-05-17 |
| CVE-2024-32581 | WordPress Mortgage Calculators WP plugin <= 1.56 - Cross Site Scripting (XSS) vulnerability — Mortgage Calculators WPCWE-79 | 6.5 | Medium | 2024-04-18 |
| CVE-2022-45357 | WordPress 1003 Mortgage Application Plugin <= 1.75 is vulnerable to CSV Injection — 1003 Mortgage ApplicationCWE-1236 | 6.1 | Medium | 2023-11-07 |
This page lists every published CVE security advisory associated with Lenderd. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.