Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

MarketingFire — Vulnerabilities & Security Advisories 5

Browse all 5 CVE security advisories affecting MarketingFire. AI-powered Chinese analysis, POCs, and references for each vulnerability.

MarketingFire provides digital marketing automation tools for campaign management and customer engagement. Historically, the platform has been susceptible to multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues, as evidenced by its five recorded CVEs. These vulnerabilities often stem from insufficient input validation and improper access controls in web interfaces and API endpoints. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for organizations relying on the platform for sensitive marketing operations and customer data handling.

Top products by MarketingFire: Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets Editorial Calendar Discussion Board – WordPress Forum Plugin
CVE IDTitleCVSSSeverityPublished
CVE-2026-2052 Widget Options <= 4.2.2 - Authenticated (Contributor+) Remote Code Execution via Display Logic — Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic WidgetsCWE-94 8.8 High2026-05-02
CVE-2025-8483 Discussion Board – WordPress Forum Plugin <= 2.5.5 - Authenticated (Subscriber+) Arbitrary Shortcode Execution — Discussion Board – WordPress Forum PluginCWE-94 6.3 Medium2025-10-25
CVE-2025-10580 Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic WidgetsCWE-79 6.4 Medium2025-10-25
CVE-2024-8672 Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 - Authenticated (Contributor+) Remote Code Execution — Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic WidgetsCWE-94 9.9 Critical2024-11-28
CVE-2023-36520 WordPress Editorial Calendar Plugin <= 3.7.12 is vulnerable to Insecure Direct Object References (IDOR) — Editorial CalendarCWE-639 5.4 Medium2023-12-20

This page lists every published CVE security advisory associated with MarketingFire. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.