Browse all 3 CVE security advisories affecting Pods Framework Team. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The Pods Framework Team develops a WordPress plugin for custom content management and application development, primarily used to create and manage custom post types, taxonomies, and fields. Historically, the team has addressed vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and improper access controls. While no major public security incidents have been documented, the three CVEs on record highlight recurring issues in sanitization and authentication. The framework's extensive integration with WordPress core and third-party plugins increases its attack surface, requiring continuous security hardening to prevent unauthorized access and data breaches.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-23790 | WordPress Pods Plugin <= 2.9.10.2 is vulnerable to Cross Site Request Forgery (CSRF) — Pods – Custom Content Types and FieldsCWE-352 | 7.1 | High | 2023-05-03 |
| CVE-2021-24339 | Pods < 2.7.27 - Authenticated Stored Cross-Site Scripting (XSS) — Pods – Custom Content Types and FieldsCWE-79 | 5.4 | - | 2021-06-21 |
| CVE-2021-24338 | Pods < 2.7.27 - Authenticated Stored Cross-Site Scripting (XSS) — Pods – Custom Content Types and FieldsCWE-79 | 5.4 | - | 2021-06-21 |
This page lists every published CVE security advisory associated with Pods Framework Team. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.