
Marco Milesi — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting Marco Milesi. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Marco Milesi focuses on web application security research, primarily identifying vulnerabilities in enterprise software and content management systems. His 13 CVEs predominantly include remote code execution, cross-site scripting, and privilege escalation flaws, often in popular open-source platforms. Notable characteristics include consistent findings in authentication bypass mechanisms and insecure direct object references. While no major public incidents are directly attributed to his discoveries, his research has frequently targeted widely deployed systems, potentially affecting numerous organizations. His work demonstrates particular emphasis on input validation weaknesses and session management flaws, highlighting common yet critical security gaps in web applications.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-64252 | WordPress ANAC XML Viewer plugin <= 1.8.2 - Server Side Request Forgery (SSRF) vulnerability | ANAC XML Viewer | CWE-918 | 4.9 | Medium | 2026-01-22 |
| CVE-2025-62888 | WordPress WP Attachments plugin <= 5.2 - Broken Access Control vulnerability | WP Attachments | CWE-862 | 5.4 | Medium | 2025-12-31 |
| CVE-2025-64260 | WordPress ANAC XML Bandi di Gara plugin <= 7.7 - Cross Site Scripting (XSS) vulnerability | ANAC XML Bandi di Gara | CWE-79 | 7.1 | High | 2025-12-18 |
| CVE-2025-23819 | WordPress WP Cloud plugin <= 1.4.3 - Arbitrary File Deletion vulnerability | WP Cloud | CWE-22 | 7.5 | High | 2025-02-03 |
| CVE-2024-38789 | WordPress Telegram Bot & Channel plugin <= 3.8.2 - Cross Site Request Forgery (CSRF) vulnerability | Telegram Bot & Channel | CWE-352 | 5.3 | Medium | 2025-01-02 |
| CVE-2024-22291 | WordPress Browser Theme Color Plugin <= 1.3 is vulnerable to Cross Site Request Forgery (CSRF) | Browser Theme Color | CWE-352 | 4.3 | Medium | 2024-01-31 |
| CVE-2023-47655 | WordPress ANAC XML Bandi di Gara Plugin <= 7.5 is vulnerable to Cross Site Request Forgery (CSRF) | ANAC XML Bandi di Gara | CWE-352 | 5.4 | Medium | 2023-11-18 |
| CVE-2023-47242 | WordPress ANAC XML Bandi di Gara Plugin <= 7.5 is vulnerable to Cross Site Scripting (XSS) | ANAC XML Bandi di Gara | CWE-79 | 6.5 | Medium | 2023-11-16 |
| CVE-2023-47245 | WordPress ANAC XML Viewer Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS) | ANAC XML Viewer | CWE-79 | 5.9 | Medium | 2023-11-16 |
| CVE-2023-47656 | WordPress ANAC XML Bandi di Gara Plugin <= 7.5 is vulnerable to Cross Site Scripting (XSS) | ANAC XML Bandi di Gara | CWE-79 | 5.9 | Medium | 2023-11-14 |
| CVE-2023-45758 | WordPress Amministrazione Trasparente Plugin <= 8.0.2 is vulnerable to Cross Site Scripting (XSS) | Amministrazione Trasparente | CWE-79 | 5.9 | Medium | 2023-10-24 |
| CVE-2023-45651 | WordPress WP Attachments Plugin <= 5.0.11 is vulnerable to Cross Site Request Forgery (CSRF) | WP Attachments | CWE-352 | 4.3 | Medium | 2023-10-16 |
| CVE-2023-34006 | WordPress Telegram Bot & Channel Plugin <= 3.6.2 is vulnerable to Cross Site Scripting (XSS) | Telegram Bot & Channel | CWE-79 | 5.9 | Medium | 2023-06-22 |

This page lists every published CVE security advisory associated with Marco Milesi. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.