Browse all 3 CVE security advisories affecting Mad Fish Digital. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Mad Fish Digital develops digital platforms with a core focus on e-commerce solutions. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with three CVEs currently documented. The organization has demonstrated inconsistent security practices, with vulnerabilities often stemming from insufficient input validation and improper access controls. While no major public security incidents have been reported, the consistent pattern of vulnerabilities suggests a need for enhanced security development lifecycle implementation. Their products remain in use despite these concerns, indicating that clients may prioritize functionality over security considerations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-41688 | WordPress Bulk NoIndex & NoFollow Toolkit plugin <= 1.5 - Broken Access Control vulnerability — Bulk NoIndex & NoFollow ToolkitCWE-862 | 5.4 | Medium | 2024-12-13 |
| CVE-2024-29791 | WordPress Bulk NoIndex & NoFollow Toolkit plugin <= 2.01 - Reflected Cross Site Scripting (XSS) vulnerability — Bulk NoIndex & NoFollow ToolkitCWE-79 | 7.1 | High | 2024-03-27 |
| CVE-2023-45065 | WordPress Bulk NoIndex & NoFollow Toolkit Plugin <= 1.42 is vulnerable to Cross Site Scripting (XSS) — Bulk NoIndex & NoFollow ToolkitCWE-79 | 7.1 | High | 2023-10-18 |
This page lists every published CVE security advisory associated with Mad Fish Digital. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.