Browse all 3 CVE security advisories affecting Ryo. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Ryo is a web application framework primarily used for building dynamic content management systems and e-commerce platforms. Historically, Ryo has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure default configurations. The framework has experienced several high-profile incidents, including a 2022 vulnerability chain that allowed attackers to achieve arbitrary code execution through chained flaws in its templating engine and file upload mechanisms. These issues have been addressed in subsequent releases, but legacy deployments remain at risk.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-32161 | WordPress Arkhe Blocks plugin <= 2.27.1 - Cross Site Scripting (XSS) Vulnerability — Arkhe BlocksCWE-79 | 6.5 | Medium | 2025-04-04 |
| CVE-2024-53794 | WordPress Arkhe Blocks plugin <= 2.27.0 - Cross Site Scripting (XSS) vulnerability — Arkhe BlocksCWE-79 | 6.5 | Medium | 2024-12-06 |
| CVE-2024-49261 | WordPress Arkhe Blocks plugin <= 2.23.0 - Cross Site Scripting (XSS) vulnerability — Arkhe BlocksCWE-79 | 6.5 | Medium | 2024-10-17 |
This page lists every published CVE security advisory associated with Ryo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.