Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

NotFound — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting NotFound. AI-powered Chinese analysis, POCs, and references for each vulnerability.

NotFound operates as a specialized software development firm, primarily delivering enterprise-grade web application frameworks and content management solutions. Its core business centers on providing scalable infrastructure for digital platforms, though this complexity has historically exposed it to significant security scrutiny. Analysis of its twenty-one recorded Common Vulnerabilities and Exposures (CVEs) reveals a pattern of critical flaws, predominantly involving remote code execution and cross-site scripting. These vulnerabilities often stem from insufficient input validation and improper access controls within its framework components. While no single catastrophic data breach has been publicly attributed to these specific CVEs, the recurring nature of privilege escalation issues suggests systemic weaknesses in authentication mechanisms. The company has addressed many of these defects through routine patch cycles, yet the high volume of historical findings indicates that rigorous security auditing remains an ongoing challenge for its development lifecycle.

Top products by NotFound: WPJobBoard Hero Mega Menu - Responsive WordPress Menu Plugin Bridge Core Admin and Site Enhancements (ASE) Pro Pie Register Premium Brizy Pro Ad Inserter Pro Chaty Pro Callback Request PrivateContent Macro Calculator with Admin Email Optin & Data Global Gallery Unlimited Timeline
CVE IDTitleCVSSSeverityPublished
CVE-2025-30967 WordPress WPJobBoard plugin < 5.11.1 - CSRF to Remote Code Execution (RCE) vulnerability — WPJobBoardCWE-352 9.6 Critical2025-04-15
CVE-2025-30966 WordPress WPJobBoard plugin < 5.11.1 - Path Traversal vulnerability — WPJobBoardCWE-35 5.4 Medium2025-04-15
CVE-2025-27008 WordPress Unlimited Timeline < 1.6.1 - Broken Access Control Vulnerability — Unlimited TimelineCWE-862 7.5 High2025-04-15
CVE-2025-26730 WordPress Macro Calculator with Admin Email Optin & Data plugin <= 1.0 - Multiple Vulnerabilities vulnerability — Macro Calculator with Admin Email Optin & DataCWE-497 7.5 High2025-04-15
CVE-2025-22263 WordPress Global Gallery plugin <= 8.8.0 - Reflected Cross Site Scripting (XSS) vulnerability — Global GalleryCWE-79 7.1 High2025-04-15
CVE-2025-30965 WordPress WPJobBoard plugin < 5.11.1 - Multiple Cross Site Request Forgery (CSRF) vulnerabilities vulnerability — WPJobBoardCWE-352 4.3 Medium2025-04-15
CVE-2025-31409 WordPress Bridge Core plugin < 3.3.1 - Cross Site Scripting (XSS) vulnerability — Bridge CoreCWE-79 6.5 Medium2025-04-01
CVE-2025-26972 WordPress PrivateContent plugin <= 8.11.5 - Reflected Cross Site Scripting (XSS) vulnerability — PrivateContentCWE-79 7.1 High2025-03-15
CVE-2025-26940 WordPress Pie Register Premium plugin <= 3.8.3.2 - Path Traversal to Non-Arbitrary File Deletion vulnerability — Pie Register PremiumCWE-35 6.3 Medium2025-03-15
CVE-2025-25129 WordPress Callback Request plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability — Callback RequestCWE-79 7.1 High2025-03-03
CVE-2025-26948 WordPress Pie Register Premium plugin <= 3.8.3.2 - Broken Access Control vulnerability — Pie Register PremiumCWE-862 4.3 Medium2025-02-25
CVE-2025-26776 WordPress Chaty Pro Plugin <= 3.3.3 - Arbitrary File Upload vulnerability — Chaty ProCWE-434 10.0 Critical2025-02-22
CVE-2025-22680 WordPress Ad Inserter Pro plugin <= 2.7.39 - Reflected Cross Site Scripting (XSS) vulnerability — Ad Inserter ProCWE-79 7.1 High2025-02-16
CVE-2024-43333 WordPress Admin and Site Enhancements (ASE) Pro Plugin <= 7.6.2.1 - Privilege Escalation vulnerability — Admin and Site Enhancements (ASE) ProCWE-266 7.5 High2025-02-03
CVE-2025-24781 WordPress WPJobBoard plugin <= 5.10.1 - Reflected Cross Site Scripting (XSS) vulnerability — WPJobBoardCWE-79 7.1 High2025-02-03
CVE-2025-24744 WordPress Bridge Core plugin <= 3.3 - Broken Access Control vulnerability — Bridge CoreCWE-862 4.3 Medium2025-01-27
CVE-2025-24653 WordPress Admin and Site Enhancements (ASE) Pro Plugin <= 7.6.1.1 - Broken Access Control vulnerability — Admin and Site Enhancements (ASE) ProCWE-862 4.3 Medium2025-01-27
CVE-2025-22763 WordPress Brizy Pro Plugin <= 2.6.1 - Reflected Cross Site Scripting (XSS) vulnerability — Brizy ProCWE-79 7.1 High2025-01-21
CVE-2024-49303 WordPress Hero Menu plugin <= 1.16.5 - SQL Injection vulnerability — Hero Mega Menu - Responsive WordPress Menu PluginCWE-89 8.5 High2025-01-21
CVE-2024-49333 WordPress Hero Menu plugin <= 1.16.5 - SQL Injection vulnerability — Hero Mega Menu - Responsive WordPress Menu PluginCWE-89 8.5 High2025-01-21
CVE-2024-49300 WordPress Hero Menu plugin <= 1.16.5 - Cross Site Scripting (XSS) vulnerability — Hero Mega Menu - Responsive WordPress Menu PluginCWE-79 7.1 High2025-01-21

This page lists every published CVE security advisory associated with NotFound. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.