Browse all 3 CVE security advisories affecting Sumo. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Sumo is a log management and observability platform primarily used for centralized log collection, analysis, and monitoring across IT infrastructure. Historically, Sumo has been associated with vulnerabilities including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation, often stemming from improper input validation and access control flaws. The platform typically requires internet exposure for log ingestion, creating potential attack surfaces. While no major public security incidents have been widely documented, the presence of three CVEs indicates ongoing security considerations for organizations implementing Sumo in their environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-25033 | WordPress Social Share Boost Plugin <= 4.5 is vulnerable to Cross Site Request Forgery (CSRF) — Social Share BoostCWE-352 | 5.4 | Medium | 2023-10-06 |
| CVE-2023-25044 | WordPress Social Share Boost Plugin <= 4.4 is vulnerable to Cross Site Scripting (XSS) — Social Share BoostCWE-79 | 5.9 | Medium | 2023-09-01 |
| CVE-2023-23688 | WordPress Social Share Boost Plugin <= 4.4 is vulnerable to Cross Site Scripting (XSS) — Social Share BoostCWE-79 | 6.5 | Medium | 2023-05-15 |
This page lists every published CVE security advisory associated with Sumo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.