Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Shahjada — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting Shahjada. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Shahjada is a web application primarily used for content management and e-commerce platforms. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The application has 15 CVEs on record, with several critical flaws allowing unauthorized access and data breaches. Notable characteristics include insufficient input validation and insecure default configurations. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for unpatched implementations. Regular updates and proper hardening are recommended to mitigate these security concerns.

Top products by Shahjada: Download Manager WPDM – Premium Packages Live Forms Visitor Stats Widget Download Manager Addons for Elementor
CVE IDTitleCVSSSeverityPublished
CVE-2026-39676 WordPress Download Manager plugin <= 3.3.52 - Broken Access Control vulnerability — Download ManagerCWE-862 5.3 Medium2026-04-08
CVE-2026-39615 WordPress Download Manager plugin <= 3.3.53 - Cross Site Scripting (XSS) vulnerability — Download ManagerCWE-79 5.9 Medium2026-04-08
CVE-2026-24956 WordPress Download Manager Addons for Elementor plugin <= 1.3.0 - SQL Injection vulnerability — Download Manager Addons for ElementorCWE-89 9.3 Critical2026-02-20
CVE-2025-68874 WordPress Visitor Stats Widget plugin <= 1.5.0 - Reflected Cross Site Scripting (XSS) vulnerability — Visitor Stats WidgetCWE-79 7.1 High2026-01-08
CVE-2025-63070 WordPress Download Manager plugin <= 3.3.32 - Sensitive Data Exposure vulnerability — Download ManagerCWE-497 4.3 Medium2025-12-09
CVE-2025-60093 WordPress Download Manager Plugin <= 3.3.24 - Cross Site Request Forgery (CSRF) Vulnerability — Download ManagerCWE-352 4.3 Medium2025-09-26
CVE-2025-60092 WordPress Download Manager Plugin <= 3.3.25 - Sensitive Data Exposure Vulnerability — Download ManagerCWE-497 5.3 Medium2025-09-26
CVE-2025-54732 WordPress WPDM – Premium Packages Plugin <= 6.0.2 - Cross Site Request Forgery (CSRF) Vulnerability — WPDM – Premium PackagesCWE-352 4.3 Medium2025-08-14
CVE-2025-30991 WordPress Premium Packages plugin <= 6.0.6 - Cross Site Scripting (XSS) Vulnerability — WPDM – Premium PackagesCWE-79 6.5 Medium2025-06-06
CVE-2025-39560 WordPress Live Forms plugin <= 4.8.4 - Broken Access Control vulnerability — Live FormsCWE-862 5.4 Medium2025-04-16
CVE-2025-32279 WordPress Live Forms plugin <= 4.8.5 - Broken Access Control vulnerability — Live FormsCWE-862 4.3 Medium2025-04-08
CVE-2025-30809 WordPress WordPress Contact Form, Drag and Drop Form Builder Plugin – Live Forms plugin <= 4.8.4 - Settings Change vulnerability — Live FormsCWE-862 5.4 Medium2025-03-27
CVE-2025-24659 WordPress Premium Packages – Sell Digital Products Securely plugin <= 5.9.6 - SQL Injection vulnerability — WPDM – Premium PackagesCWE-89 7.6 High2025-01-24
CVE-2024-56217 WordPress Download Manager plugin <= 3.3.03 - Broken Access Control vulnerability — Download ManagerCWE-862 4.3 Medium2024-12-31
CVE-2024-52435 WordPress Premium Packages – Sell Digital Products Securely plugin <= 6.0.5 - SQL Injection vulnerability — WPDM – Premium PackagesCWE-89 7.6 High2024-11-18

This page lists every published CVE security advisory associated with Shahjada. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.