Browse all 3 CVE security advisories affecting Marketing Fire, LLC. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Marketing Fire, LLC develops digital marketing platforms that enable campaign management and customer analytics across multiple channels. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and insecure direct object references. The company has recorded three CVEs, with notable incidents including a 2022 RCE flaw in their email campaign module that allowed unauthorized access to customer databases. Their security posture has shown improvement through patch management, though legacy components remain potential attack vectors.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-39561 | WordPress LoginWP - Pro Plugin <= 4.0.8.5 - Broken Access Control vulnerability — LoginWP - ProCWE-862 | 6.5 | Medium | 2026-01-05 |
| CVE-2025-8902 | Widget Options - Extended <= 5.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Widget Options - ExtendedCWE-79 | 6.4 | Medium | 2025-09-23 |
| CVE-2024-35691 | WordPress Widget Options - Extended plugin <= 5.1.0 - Multiple Data Exposure Vulnerability — Widget Options - ExtendedCWE-200 | 6.5 | Medium | 2024-06-08 |
This page lists every published CVE security advisory associated with Marketing Fire, LLC. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.