Browse all 5 CVE security advisories affecting SuitePlugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Suiteplugins develops WordPress extension suites for enhancing website functionality, with core use cases centered on expanding content management capabilities. Historically, the project has been associated with multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues, often stemming from insufficient input validation and improper access controls. The five recorded CVEs highlight recurring patterns in sanitization and authentication mechanisms. While no major public security incidents have been documented, the consistent vulnerability profile suggests ongoing challenges in secure coding practices, particularly regarding user-supplied data handling and permission management within their plugin ecosystem.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-32121 | WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.3 - SQL Injection vulnerability — Video & Photo Gallery for Ultimate MemberCWE-89 | 7.6 | High | 2025-04-04 |
| CVE-2025-22672 | WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.2 - Server Side Request Forgery (SSRF) vulnerability — Video & Photo Gallery for Ultimate MemberCWE-918 | 4.9 | Medium | 2025-03-27 |
| CVE-2025-30890 | WordPress Login Widget for Ultimate Member plugin <= 1.1.2 - Local File Inclusion vulnerability — Login Widget for Ultimate MemberCWE-98 | 7.5 | High | 2025-03-27 |
| CVE-2024-54370 | WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.0 - Arbitrary File Upload vulnerability — Video & Photo Gallery for Ultimate MemberCWE-434 | 9.9 | Critical | 2024-12-16 |
| CVE-2024-12162 | Video & Photo Gallery for Ultimate Member <= 1.1.1 - Reflected Cross-Site Scripting — Video & Photo Gallery for Ultimate MemberCWE-79 | 6.1 | Medium | 2024-12-12 |
This page lists every published CVE security advisory associated with SuitePlugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.