Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

N-Media — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting N-Media. AI-powered Chinese analysis, POCs, and references for each vulnerability.

N-MEDIA develops digital media management solutions primarily serving content-heavy industries. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and access control flaws. The company has addressed multiple critical security flaws in its content management and streaming platforms, with 14 CVEs documented to date. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities in web interfaces and API endpoints suggests ongoing challenges in secure coding practices, particularly regarding user-supplied data handling and authentication mechanisms.

Top products by N-Media: Frontend File Manager Simple User Registration Bulk Product Sync Personalized WooCommerce Cart Page OrderConvo Nmedia MailChimp Website Contact Form With File Upload
CVE IDTitleCVSSSeverityPublished
CVE-2026-25005 WordPress Frontend File Manager plugin <= 23.5 - Insecure Direct Object References (IDOR) vulnerability — Frontend File ManagerCWE-639 5.3 Medium2026-02-19
CVE-2025-64265 WordPress Frontend File Manager plugin <= 23.2 - Broken Access Control vulnerability — Frontend File ManagerCWE-862 4.3 Medium2025-11-13
CVE-2025-53428 WordPress Simple User Registration plugin <= 6.8 - Privilege Escalation vulnerability — Simple User RegistrationCWE-266 8.8 High2025-10-22
CVE-2025-57921 WordPress Frontend File Manager plugin <= 23.3 - Broken Access Control vulnerability — Frontend File ManagerCWE-862 5.3 Medium2025-09-22
CVE-2015-10137 Website Contact Form With File Upload <= 1.3.4 - Arbitrary File Upload — Website Contact Form With File UploadCWE-434 9.8 Critical2025-07-22
CVE-2025-27358 WordPress Frontend File Manager plugin <= 23.6 - Content Injection vulnerability — Frontend File ManagerCWE-80 4.6 Medium2025-07-04
CVE-2025-31599 WordPress Bulk Product Sync plugin <= 8.6 - SQL Injection vulnerability — Bulk Product SyncCWE-89 9.3 Critical2025-04-11
CVE-2025-31852 WordPress Bulk Product Sync plugin <= 8.6 - Cross Site Request Forgery (CSRF) vulnerability — Bulk Product SyncCWE-352 4.3 Medium2025-04-01
CVE-2025-30613 WordPress Nmedia MailChimp plugin <= 5.4 - Cross Site Scripting (XSS) Vulnerability — Nmedia MailChimpCWE-79 6.5 Medium2025-04-01
CVE-2024-53810 WordPress Simple User Registration plugin <= 5.5 - Broken Access Control on User Deletion vulnerability — Simple User RegistrationCWE-862 9.1 Critical2024-12-06
CVE-2024-49604 WordPress Simple User Registration plugin <= 6.7 - Broken Authentication vulnerability — Simple User RegistrationCWE-288 9.8 Critical2024-10-20
CVE-2024-33566 WordPress OrderConvo plugin <= 12.4 - Unauthenticated API Access to Arbitrary File Upload vulnerability — OrderConvoCWE-862 10.0 Critical2024-04-29
CVE-2024-25903 WordPress Frontend File Manager Plugin plugin <= 22.7 - Sensitive Data Exposure vulnerability — Frontend File ManagerCWE-200 5.3 Medium2024-03-17
CVE-2019-5979 WordPress Personalized WooCommerce Cart Page插件跨站请求伪造漏洞 — Personalized WooCommerce Cart Page 8.8 -2019-07-05

This page lists every published CVE security advisory associated with N-Media. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.