Browse all 18 CVE security advisories affecting PressTigers. AI-powered Chinese analysis, POCs, and references for each vulnerability.
PressTigers is a digital marketing agency specializing in WordPress development and SEO services, with 18 CVEs recorded in its history. Common vulnerabilities include stored cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, often stemming from insufficient input validation and insecure authentication mechanisms. The company's plugins have faced multiple security incidents, including a 2021 XSS vulnerability affecting over 10,000 sites and a 2019 RCE weakness in a popular SEO plugin. These issues highlight recurring patterns in sanitization and access control failures, posing risks to client websites and data. PressTigers has addressed some vulnerabilities through patches, but the historical pattern suggests ongoing challenges in secure coding practices.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-14039 | Simple Folio <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Client name' and 'Link' Meta Fields — Simple FolioCWE-79 | 6.4 | Medium | 2026-01-28 |
| CVE-2025-64256 | WordPress Simple Folio plugin <= 1.1.0 - Cross Site Request Forgery (CSRF) vulnerability — Simple FolioCWE-352 | 4.3 | Medium | 2025-12-09 |
| CVE-2025-12151 | Simple Folio <= 1.1.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting — Simple FolioCWE-79 | 6.4 | Medium | 2025-11-27 |
This page lists every published CVE security advisory associated with PressTigers. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.