Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Noor Alam — Vulnerabilities & Security Advisories 17

Browse all 17 CVE security advisories affecting Noor Alam. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Noor alam is a security researcher focused on identifying vulnerabilities in web applications and enterprise systems, with 17 CVEs primarily in authentication bypasses and input validation flaws. Common vulnerability classes include remote code execution, cross-site scripting, and privilege escalation, often in popular frameworks and CMS platforms. Security characteristics center on thorough code analysis and edge case exploitation, with no major public incidents reported. The researcher demonstrates consistent impact through high-severity findings that address critical weaknesses in widely deployed software, contributing significantly to improving security postures across affected platforms.

Top products by Noor Alam: Magical Addons For Elementor Checkout for PayPal Magical Posts Display – Elementor & Gutenberg Posts Blocks WordPress Image SEO Sell Media File with Stripe Magical Blocks WP fancybox Magical Posts Display Colorbox Lightbox Easy Media Download SMTP Mailer
CVE IDTitleCVSSSeverityPublished
CVE-2026-32538 WordPress SMTP Mailer plugin <= 1.1.24 - Sensitive Data Exposure vulnerability — SMTP MailerCWE-201 7.5 High2026-03-25
CVE-2026-32429 WordPress Magical Addons For Elementor plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability — Magical Addons For ElementorCWE-79 6.5 Medium2026-03-13
CVE-2026-32387 WordPress Checkout for PayPal plugin <= 1.0.46 - Broken Access Control vulnerability — Checkout for PayPalCWE-862 5.3 Medium2026-03-13
CVE-2025-69169 WordPress Easy Media Download plugin <= 1.1.11 - CSS Injection vulnerability — Easy Media DownloadCWE-80 5.4 Medium2026-01-08
CVE-2025-49397 WordPress Colorbox Lightbox Plugin <= 1.1.5 - Cross Site Scripting (XSS) Vulnerability — Colorbox LightboxCWE-79 6.5 Medium2025-08-20
CVE-2025-54706 WordPress Magical Posts Display Plugin plugin <= 1.2.52 - Cross Site Scripting (XSS) Vulnerability — Magical Posts DisplayCWE-79 6.5 Medium2025-08-14
CVE-2025-26591 WordPress WP fancybox plugin <= 1.0.3 - Cross Site Scripting (XSS) Vulnerability — WP fancyboxCWE-79 6.5 Medium2025-07-04
CVE-2025-39572 WordPress Checkout for PayPal plugin <= 1.0.38 - Cross Site Scripting (XSS) Vulnerability — Checkout for PayPalCWE-79 6.5 Medium2025-04-16
CVE-2025-31844 WordPress Magical Blocks plugin <= 1.0.12 - Cross Site Scripting (XSS) vulnerability — Magical BlocksCWE-79 6.5 Medium2025-04-01
CVE-2024-54212 WordPress Magical Addons For Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability — Magical Addons For ElementorCWE-79 6.5 Medium2024-12-06
CVE-2024-51892 WordPress Sell Media File with Stripe plugin <= 1.0.6 - Stored Cross Site Scripting (XSS) vulnerability — Sell Media File with StripeCWE-79 6.5 Medium2024-11-19
CVE-2024-51665 WordPress Magical Addons For Elementor plugin <= 1.2.1 - Server Side Request Forgery (SSRF) vulnerability — Magical Addons For ElementorCWE-918 4.9 Medium2024-11-04
CVE-2024-49627 WordPress WordPress Image SEO plugin <= 1.1.4 - Cross Site Request Forgery (CSRF) vulnerability — WordPress Image SEOCWE-352 4.3 Medium2024-10-20
CVE-2024-38730 WordPress Magical Addons For Elementor plugin <= 1.1.41 - Server Side Request Forgery (SSRF) vulnerability — Magical Addons For ElementorCWE-918 4.9 Medium2024-07-22
CVE-2024-37951 WordPress Magical Posts Display plugin <= 1.2.38 - Cross Site Scripting (XSS) vulnerability — Magical Posts Display – Elementor & Gutenberg Posts BlocksCWE-79 6.5 Medium2024-07-20
CVE-2024-38681 WordPress Magical Addons For Elementor plugin <= 1.1.41 - Cross Site Scripting (XSS) vulnerability — Magical Addons For ElementorCWE-79 6.5 Medium2024-07-20
CVE-2024-34547 WordPress Magical Addons For Elementor plugin <= 1.1.34 - Cross Site Scripting (XSS) vulnerability — Magical Addons For ElementorCWE-79 6.5 Medium2024-05-08

This page lists every published CVE security advisory associated with Noor Alam. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.