Browse all 4 CVE security advisories affecting Spencer Haws. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Spencer Haws develops web applications and content management systems, with a core use case in digital marketing and SEO tools. Historically, vulnerabilities associated with this developer include stored cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, often stemming from insufficient input validation and improper access controls. While no major public security incidents have been documented, the four CVEs on record highlight recurring issues in sanitizing user-supplied data and managing authentication mechanisms. These vulnerabilities typically allow attackers to execute arbitrary code, manipulate content, or elevate privileges within affected applications, emphasizing the need for robust input handling and secure coding practices in this developer's ecosystem.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-22357 | WordPress Link Whisper Free plugin <= 0.9.2 - Cross Site Scripting (XSS) vulnerability — Link Whisper FreeCWE-79 | 7.1 | High | 2026-02-20 |
| CVE-2025-67927 | WordPress Link Whisper Free plugin <= 0.8.8 - Cross Site Scripting (XSS) vulnerability — Link Whisper FreeCWE-79 | 7.1 | High | 2026-01-08 |
| CVE-2025-62970 | WordPress Link Whisper Free plugin <= 0.9.2 - Broken Access Control vulnerability — Link Whisper FreeCWE-862 | 5.3 | Medium | 2025-10-27 |
| CVE-2025-22306 | WordPress Link Whisper Free plugin <= 0.7.7 - Sensitive Data Exposure vulnerability — Link Whisper FreeCWE-538 | 5.3 | Medium | 2025-01-07 |
This page lists every published CVE security advisory associated with Spencer Haws. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.