Browse all 8 CVE security advisories affecting Piotnet. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Piotnet is a WordPress plugin primarily used for building forms and pop-ups. Historically, it has been associated with multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues. The plugin's security record includes eight CVEs, with several critical RCE vulnerabilities allowing attackers to execute arbitrary code on affected sites. Piotnet's vulnerabilities often stem from insufficient input validation and improper permission checks. While no major public security incidents have been widely documented, the consistent discovery of critical flaws has led to its inclusion in multiple WordPress security advisories, highlighting ongoing concerns about its security posture.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-51412 | WordPress Piotnet Forms Plugin <= 1.0.25 is vulnerable to Arbitrary File Upload — Piotnet FormsCWE-434 | 9.0 | Critical | 2023-12-29 |
This page lists every published CVE security advisory associated with Piotnet. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.