Browse all 5 CVE security advisories affecting Rocket Apps. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Rocket Apps develops mobile and web applications with a focus on productivity and business solutions. Historically, the organization has been associated with vulnerabilities including remote code execution, cross-site scripting, and privilege escalation issues, with five CVEs documented to date. Security assessments reveal inconsistent input validation and insufficient access controls in their software. While no major public security incidents have been reported, the consistent pattern of vulnerabilities suggests a need for enhanced security testing protocols. Their applications handle sensitive business data, making proper vulnerability mitigation critical for their user base.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-39350 | WordPress wProject theme < 5.8.0 - Unauthenticated Post/Comment/Attachment Modification/Deletion vulnerability — wProjectCWE-862 | 8.2 | High | 2025-05-19 |
| CVE-2025-39365 | WordPress wProject theme < 5.8.0 - Reflected Cross Site Scripting (XSS) vulnerability — wProjectCWE-79 | 7.1 | High | 2025-05-19 |
| CVE-2025-39366 | WordPress wProject theme < 5.8.0 - Subscriber+ Privilege Escalation vulnerability — wProjectCWE-266 | 8.8 | High | 2025-05-19 |
This page lists every published CVE security advisory associated with Rocket Apps. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.