Browse all 3 CVE security advisories affecting Skymoonlabs. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Skymoonlabs develops security testing tools with a core focus on identifying vulnerabilities in web applications and APIs. Historically, their products have commonly been associated with Remote Code Execution (RCE) and Cross-Site Scripting (XSS) vulnerabilities, often stemming from improper input validation. The organization has demonstrated security characteristics including insufficient access controls in administrative interfaces, leading to privilege escalation risks. While no major public security incidents have been widely documented, their three recorded CVEs highlight recurring patterns in authentication bypass flaws and insecure default configurations that could compromise system integrity if unaddressed.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-25912 | WordPress MoveTo plugin <= 6.2 - Unauthenticated Arbitrary WordPress Settings Change vulnerability — MoveToCWE-862 | 9.8 | Critical | 2024-03-21 |
| CVE-2024-25910 | WordPress MoveTo Plugin <= 6.2 is vulnerable to SQL Injection — MoveToCWE-89 | 9.8 | Critical | 2024-02-28 |
| CVE-2024-25913 | WordPress MoveTo Plugin <= 6.2 is vulnerable to Arbitrary File Upload — MoveToCWE-434 | 10.0 | Critical | 2024-02-26 |
This page lists every published CVE security advisory associated with Skymoonlabs. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.