Browse all 4 CVE security advisories affecting Mufeng. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Mufeng is primarily used in enterprise environments for data processing and workflow automation. Historically, vulnerabilities in Mufeng have commonly included remote code execution, cross-site scripting, and privilege escalation flaws, with four CVEs documented to date. Security researchers have noted that improper input validation and insufficient access controls have been recurring issues. While no major public security incidents have been widely reported, the presence of multiple CVEs indicates ongoing security challenges that require regular patching and careful configuration. Organizations implementing Mufeng should prioritize security hardening and continuous monitoring to mitigate potential risks associated with these documented vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-29411 | WordPress Hermit 音乐播放器 plugin <= 3.1.6 - Unauthenticated SQL Injection SQLi) vulnerability — Hermit 音乐播放器 (WordPress plugin)CWE-89 | 8.3 | High | 2022-04-28 |
| CVE-2022-29412 | WordPress Hermit 音乐播放器 plugin <= 3.1.6 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities — Hermit 音乐播放器 (WordPress plugin)CWE-352 | 5.4 | Medium | 2022-04-28 |
| CVE-2022-29413 | WordPress Hermit 音乐播放器 plugin <= 3.1.6 - Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability — Hermit 音乐播放器 (WordPress plugin)CWE-352 | 4.7 | Medium | 2022-04-28 |
| CVE-2022-29410 | WordPress Hermit 音乐播放器 plugin <= 3.1.6 - Authenticated SQL Injection (SQLi) vulnerability — Hermit 音乐播放器 (WordPress plugin)CWE-89 | 7.4 | High | 2022-04-28 |
This page lists every published CVE security advisory associated with Mufeng. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.