Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Molongui — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting Molongui. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Molongui is a WordPress plugin primarily used for email marketing and newsletter functionality. Historically, it has been associated with multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) issues, and privilege escalation flaws. The plugin's security record includes six CVEs, with several allowing unauthenticated attackers to execute arbitrary code or manipulate content. Notable characteristics include insufficient input validation and improper access controls in its subscription and email management features. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities has made it a recurring concern in WordPress security advisories.

Top products by Molongui: Molongui Author Box for Authors, Co-Authors, Multiple Authors and Guest Authors – Molongui Author Box, Guest Author and Co-Authors for Your Posts – Molongui Molongui Authorship – Author Boxes, Guest Authors & Co-Authors for WordPress
CVE IDTitleCVSSSeverityPublished
CVE-2023-50876 WordPress Molongui plugin <= 4.7.3 - Broken Access Control vulnerability — MolonguiCWE-862 4.3 Medium2024-12-09
CVE-2024-30507 WordPress Molongui Authorship plugin <= 4.7.7 - Insecure Direct Object References (IDOR) vulnerability — MolonguiCWE-639 2.7 Low2024-03-29
CVE-2024-29764 WordPress Molongui plugin <= 4.7.7 - Cross Site Scripting (XSS) vulnerability — MolonguiCWE-79 6.5 Medium2024-03-27
CVE-2023-7014 Author Box, Guest Author and Co-Authors for Your Posts – Molongui <= 4.7.4 - Information Exposure via ma_debug — Molongui Authorship – Author Boxes, Guest Authors & Co-Authors for WordPressCWE-359 5.3 Medium2024-02-05
CVE-2023-39921 WordPress Molongui Plugin <= 4.6.19 is vulnerable to Cross Site Scripting (XSS) — Author Box, Guest Author and Co-Authors for Your Posts – MolonguiCWE-79 5.9 Medium2023-11-30
CVE-2023-39164 WordPress Molongui Plugin <= 4.6.19 is vulnerable to Cross Site Scripting (XSS) — Author Box for Authors, Co-Authors, Multiple Authors and Guest Authors – MolonguiCWE-79 7.1 High2023-09-04

This page lists every published CVE security advisory associated with Molongui. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.