Browse all 17 CVE security advisories affecting PeepSo. AI-powered Chinese analysis, POCs, and references for each vulnerability.
PeepSo is a WordPress plugin enabling social network functionality on websites. Historically, it has faced multiple security issues with 17 CVEs recorded, commonly involving stored cross-site scripting (XSS), remote code execution (RCE), and privilege escalation vulnerabilities. These flaws often stem from insufficient input validation and improper access controls. Notable characteristics include its extensive user base and frequent updates addressing security findings. The plugin's popularity has made it a target for exploitation, with some vulnerabilities allowing complete site compromise. While recent versions have improved security, the historical vulnerability count remains a concern for administrators implementing this solution.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-31251 | WordPress Community by PeepSo plugin <= 6.3.1.1 - Cross Site Request Forgery (CSRF) vulnerability — Community by PeepSoCWE-352 | 4.3 | Medium | 2024-04-12 |
| CVE-2024-25923 | WordPress Community by PeepSo plugin <= 6.2.7.0 - Sensitive Data Exposure via Log File vulnerability — Community by PeepSoCWE-532 | 5.3 | Medium | 2024-03-28 |
| CVE-2023-27630 | WordPress Community by PeepSo plugin <= 6.0.9.0 - Server Information Disclosure — Community by PeepSoCWE-200 | 5.3 | Medium | 2024-03-26 |
| CVE-2023-25967 | WordPress Community by PeepSo Plugin <= 6.0.2.0 is vulnerable to Cross Site Request Forgery (CSRF) — Community by PeepSoCWE-352 | 4.3 | Medium | 2023-05-03 |
This page lists every published CVE security advisory associated with PeepSo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.