Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Pagup — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting Pagup. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Pagup is a web-based platform primarily used for content management and collaboration. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues, accounting for its eight recorded CVEs. The platform's security posture has been characterized by insufficient input validation and improper access controls. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities in these categories suggests potential risks for organizations relying on the software. Regular security assessments and prompt patching are recommended for implementations handling sensitive data.

Top products by Pagup: WP Google Street View (with 360° virtual tour) & Google maps + Local SEO WordPress Robots.txt optimization Ads.txt & App-ads.txt Manager for WordPress Automatic Internal Links for SEO by Pagup WP Google Street View Bulk Auto Image Title Attribute Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO)
CVE IDTitleCVSSSeverityPublished
CVE-2026-0563 WP Google Street View (with 360° virtual tour) & Google maps + Local SEO <= 1.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'wpgsv_map' Shortcode — WP Google Street View (with 360° virtual tour) & Google maps + Local SEOCWE-79 6.4 Medium2026-01-09
CVE-2025-15019 BIALTY - Bulk Image Alt Text (Alt tag, Alt Attribute) with Yoast SEO + WooCommerce <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Bulk Auto Image Alt Text (Alt tag, Alt attribute) optimizer (image SEO)CWE-79 6.4 Medium2026-01-09
CVE-2025-62921 WordPress Bulk Auto Image Title Attribute plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability — Bulk Auto Image Title AttributeCWE-79 6.5 Medium2025-10-27
CVE-2025-30799 WordPress WP Google Street View plugin <= 1.1.5 - Cross Site Scripting (XSS) vulnerability — WP Google Street ViewCWE-79 5.9 Medium2025-03-27
CVE-2024-13542 WP Google Street View (with 360° virtual tour) & Google maps + Local SEO <= 1.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — WP Google Street View (with 360° virtual tour) & Google maps + Local SEOCWE-79 6.4 Medium2025-01-24
CVE-2024-11009 Internal Linking for SEO traffic & Ranking – Auto internal links (100% automatic) <= 1.2.1 - Authenticated (Administrator+) SQL Injection via post_id Parameter — Automatic Internal Links for SEO by PagupCWE-89 4.9 Medium2024-11-27
CVE-2024-50415 WordPress Ads.txt & App-ads.txt Manager for WordPress plugin <= 1.1.7.1 - Stored Cross Site Scripting (XSS) vulnerability — Ads.txt & App-ads.txt Manager for WordPressCWE-79 5.9 Medium2024-10-29
CVE-2023-25706 WordPress Robots.txt optimization plugin <= 1.4.5 is vulnerable to Cross Site Request Forgery (CSRF) — WordPress Robots.txt optimizationCWE-352 5.4 Medium2023-07-11

This page lists every published CVE security advisory associated with Pagup. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.