Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Shamalli — Vulnerabilities & Security Advisories 5

Browse all 5 CVE security advisories affecting Shamalli. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Shamalli is a web application framework primarily used for building content management systems and e-commerce platforms. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure default configurations. The framework's modular architecture introduces additional attack surfaces through third-party plugins. While no major public security incidents have been widely documented, its CVE history reveals consistent patterns of authentication bypass flaws and insecure object references. Developers implementing Shamalli should prioritize hardening configurations and applying security patches promptly, as the framework's popularity continues to make it a target for automated exploitation tools.

Top products by Shamalli: Web Directory Free
CVE IDTitleCVSSSeverityPublished
CVE-2025-69018 WordPress Web Directory Free plugin <= 1.7.12 - Cross Site Scripting (XSS) vulnerability — Web Directory FreeCWE-79 6.5 Medium2025-12-30
CVE-2025-39567 WordPress Web Directory Free plugin <= 1.7.8 - Reflected Cross Site Scripting (XSS) vulnerability — Web Directory FreeCWE-79 7.1 High2025-04-17
CVE-2025-30908 WordPress Web Directory Free plugin <= 1.7.6 - CSRF to Cross Site Scripting (XSS) vulnerability — Web Directory FreeCWE-352 7.1 High2025-04-03
CVE-2025-28904 WordPress Web Directory Free plugin <= 1.7.6 - SQL Injection vulnerability — Web Directory FreeCWE-89 9.3 Critical2025-03-25
CVE-2024-47379 WordPress Web Directory Free plugin <= 1.7.3 - Reflected Cross Site Scripting (XSS) vulnerability — Web Directory FreeCWE-79 7.1 High2024-10-05

This page lists every published CVE security advisory associated with Shamalli. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.