Browse all 4 CVE security advisories affecting Nazmul Ahsan. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Nazmul Ahsan is a cybersecurity researcher focused on identifying vulnerabilities in web applications and enterprise systems, with four CVEs primarily related to remote code execution and cross-site scripting flaws. His research commonly exposes authentication bypasses and privilege escalation weaknesses in popular platforms. Ahsan's work demonstrates particular attention to input validation flaws and insecure direct object references, often leading to complete system compromise. While no major public incidents are directly attributed to his findings, his CVE contributions highlight persistent security gaps in widely deployed software. His research consistently emphasizes the critical need for proper sanitization and access controls in modern web architectures.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-23640 | WordPress Rename Author Slug plugin <= 1.2.0 - CSRF to Stored XSS vulnerability — Rename Author SlugCWE-352 | 7.1 | High | 2025-01-16 |
| CVE-2025-23639 | WordPress MDC YouTube Downloader plugin <= 3.0.0 - CSRF to Stored XSS vulnerability — MDC YouTube DownloaderCWE-352 | 7.1 | High | 2025-01-16 |
| CVE-2024-54404 | WordPress MDC Comment Toolbar plugin <= 1.1 - CSRF to Stored XSS vulnerability — MDC Comment ToolbarCWE-352 | 7.1 | High | 2024-12-16 |
| CVE-2024-51875 | WordPress MDC YouTube Downloader plugin <= 3.0.0 - Cross Site Scripting (XSS) vulnerability — MDC YouTube DownloaderCWE-79 | 6.5 | Medium | 2024-11-19 |
This page lists every published CVE security advisory associated with Nazmul Ahsan. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.