Browse all 3 CVE security advisories affecting Stacks. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Stacks is a blockchain platform enabling decentralized applications and smart contracts using Clarity, a Bitcoin Layer-2 solution. Historically, vulnerabilities have included remote code execution flaws in smart contracts, cross-site scripting issues in web interfaces, and privilege escalation weaknesses in node implementations. Security characteristics include its reliance on Bitcoin's security model and formal verification for smart contracts. Notable incidents include a 2021 vulnerability allowing unauthorized token minting due to improper access controls, and a 2022 issue where insecure smart contracts enabled fund theft. These incidents highlight risks in smart contract design and node security, though the platform's integration with Bitcoin provides inherent stability against certain attack vectors.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-50528 | WordPress Stacks Mobile App Builder plugin <= 5.2.3 - Sensitive Data Exposure vulnerability — Stacks Mobile App BuilderCWE-497 | 7.5 | High | 2024-11-04 |
| CVE-2024-50527 | WordPress Stacks Mobile App Builder plugin <= 5.2.3 - Arbitrary File Upload vulnerability — Stacks Mobile App BuilderCWE-434 | 10.0 | Critical | 2024-11-04 |
| CVE-2024-50477 | WordPress Stacks Mobile App Builder plugin <= 5.2.3 - Account Takeover vulnerability — Stacks Mobile App BuilderCWE-288 | 9.8 | Critical | 2024-10-28 |
This page lists every published CVE security advisory associated with Stacks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.