Browse all 3 CVE security advisories affecting Marcelotorres. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Marcelotorres develops web applications and APIs, primarily serving small to medium businesses with custom solutions. Historically, vulnerabilities associated with this developer include cross-site scripting (XSS) and remote code execution (RCE) flaws, often stemming from insufficient input validation and insecure deserialization. Security assessments reveal inconsistent patch management and inadequate access controls in several deployments. While no major public breaches are documented, the three CVEs recorded highlight recurring issues in authentication mechanisms and server-side request forgery (SSRF) handling. Marcelotorres' products typically require hardening to mitigate these common risks, particularly in environments handling sensitive customer data.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-62114 | WordPress Download Media Library plugin <= 0.2.1 - Sensitive Data Exposure vulnerability — Download Media LibraryCWE-497 | 5.3 | Medium | 2025-12-31 |
| CVE-2024-37954 | WordPress Simple Responsive Slider plugin <= 0.2.2.5 - Reflected Cross Site Scripting (XSS) vulnerability — Simple Responsive SliderCWE-79 | 7.1 | High | 2024-07-20 |
| CVE-2023-27624 | WordPress Redirect After Login Plugin <= 0.1.9 is vulnerable to Cross Site Scripting (XSS) — Redirect After LoginCWE-79 | 5.9 | Medium | 2023-06-13 |
This page lists every published CVE security advisory associated with Marcelotorres. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.