Browse all 4 CVE security advisories affecting M.Code. AI-powered Chinese analysis, POCs, and references for each vulnerability.
M.Code is a software development platform primarily used for creating and managing business applications. Historically, it has been associated with multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues. The platform's security record includes four CVEs, highlighting recurring input validation weaknesses and insufficient access controls. While no major public security incidents have been documented, the consistent pattern of vulnerabilities suggests potential risks in its default configurations and development practices. Organizations using M.Code should prioritize regular patching and security hardening to mitigate these known exploitation vectors.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-62734 | WordPress Media Library Downloader plugin <= 1.4.0 - Cross Site Request Forgery (CSRF) vulnerability — Media Library DownloaderCWE-352 | 4.3 | Medium | 2025-12-09 |
| CVE-2025-48262 | WordPress Url Rewrite Analyzer plugin <= 1.3.3 - Broken Access Control Vulnerability — Url Rewrite AnalyzerCWE-862 | 4.3 | Medium | 2025-05-19 |
| CVE-2025-46519 | WordPress Media Library Downloader plugin <= 1.3.1 - Broken Access Control Vulnerability — Media Library DownloaderCWE-862 | 4.3 | Medium | 2025-04-24 |
| CVE-2025-24692 | WordPress Bulk Menu Edit plugin <= 1.3 - Broken Access Control vulnerability — Bulk Menu EditCWE-862 | 7.1 | High | 2025-02-14 |
This page lists every published CVE security advisory associated with M.Code. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.