Supsystic 厂商漏洞列表 / CVE 中文分析 31

Supsystic 厂商相关 31 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

Supsystic 主要开发 WordPress 插件，涵盖表单、表格及日历等组件。其历史漏洞多集中于跨站脚本（XSS）、任意文件读取及未授权访问，部分版本存在远程代码执行风险。截至最新统计，已收录 31 条 CVE。该厂商产品因集成度高且用户基数大，常成为攻击者利用配置缺陷或逻辑漏洞的目标，建议用户及时更新以修复已知安全缺陷，降低潜在风险。

上位製品 Supsystic: Contact Form by Supsystic Popup by Supsystic Slider by Supsystic Easy Google Maps Ultimate Maps by Supsystic Social Share Buttons by Supsystic (WordPress plugin) Digital Publications by Supsystic Data Tables Generator by Supsystic Popup Plugin Photo Gallery by Supsystic (WordPress plugin) Coming Soon by Supsystic GDPR Cookie Consent by Supsystic Photo Gallery by Supsystic Data Tables Generator Pricing Table by Supsystic

CVEs 31

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2025-52753	WordPress Contact Form by Supsystic plugin <= 1.7.36 - Cross Site Scripting (XSS) vulnerability — Contact Form by SupsysticCWE-79	7.1	High	2025-10-22
CVE-2025-32138	WordPress Easy Google Maps plugin <= 1.11.18 - XML External Entity vulnerability — Easy Google MapsCWE-611	6.6	Medium	2025-04-04
CVE-2024-56253	WordPress Data Tables Generator by Supsystic plugin <= 1.10.36 - Broken Access Control vulnerability — Data Tables Generator by SupsysticCWE-862	5.4	Medium	2025-01-02
CVE-2023-51353	WordPress Popup by Supsystic plugin <= 1.10.19 - Broken Access Control vulnerability — Popup by SupsysticCWE-862	5.3	Medium	2024-12-09
CVE-2024-52434	WordPress Popup by Supsystic plugin <= 1.10.29 - Remote Code Execution (RCE) vulnerability — Popup by SupsysticCWE-82	9.1	Critical	2024-11-18
CVE-2024-48046	WordPress Contact Form by Supsystic plugin <= 1.7.28 - Cross Site Scripting (XSS) vulnerability — Contact Form by SupsysticCWE-79	5.9	Medium	2024-10-17
CVE-2024-48042	WordPress Contact Form by Supsystic plugin <= 1.7.28 - Remote Code Execution (RCE) vulnerability — Contact Form by SupsysticCWE-82	9.1	Critical	2024-10-16
CVE-2024-47330	Broken Access Control vulnerability on multiple WordPress plugins by Supsystic — Slider by SupsysticCWE-862	4.3	Medium	2024-09-26
CVE-2024-32790	WordPress Pricing Table by Supsystic plugin <= 1.9.12 - Content Injection vulnerability — Pricing Table by SupsysticCWE-80	4.3	Medium	2024-05-17
CVE-2024-33910	WordPress Digital Publications by Supsystic plugin <= 1.7.7 - Broken Access Control vulnerability — Digital Publications by SupsysticCWE-862	5.3	Medium	2024-05-06
CVE-2024-32829	WordPress Data Tables Generator by Supsystic plugin <= 1.10.31 - Broken Access Control vulnerability — Data Tables Generator by SupsysticCWE-862	4.3	Medium	2024-04-26
CVE-2023-25043	WordPress Data Tables Generator by Supsystic Plugin <= 1.10.25 is vulnerable to Broken Access Control — Data Tables GeneratorCWE-863	4.3	Medium	2024-04-17
CVE-2024-31421	WordPress Popup by Supsystic plugin <= 1.10.27 - Broken Access Control vulnerability — Popup by SupsysticCWE-862	4.3	Medium	2024-04-15
CVE-2024-32089	WordPress Digital Publications by Supsystic plugin <= 1.7.7 - Cross Site Request Forgery (CSRF) vulnerability — Digital Publications by SupsysticCWE-352	4.3	Medium	2024-04-15
CVE-2024-31269	WordPress Easy Google Maps plugin <= 1.11.11 - Cross Site Request Forgery (CSRF) vulnerability — Easy Google MapsCWE-352	4.3	Medium	2024-04-12
CVE-2024-31271	WordPress Ultimate Maps plugin <= 1.2.16 - Cross Site Request Forgery vulnerability — Ultimate Maps by SupsysticCWE-352	4.3	Medium	2024-04-12
CVE-2024-30448	WordPress Slider by Supsystic plugin <= 1.8.10 - Cross Site Scripting (XSS) vulnerability — Slider by SupsysticCWE-79	5.9	Medium	2024-03-29
CVE-2024-30237	WordPress Slider by Supsystic plugin <= 1.8.10 - SQL Injection vulnerability — Slider by SupsysticCWE-89	7.6	High	2024-03-28
CVE-2024-29921	WordPress Photo Gallery by Supsystic plugin <= 1.15.16 - Cross Site Scripting (XSS) vulnerability — Photo Gallery by SupsysticCWE-79	5.9	Medium	2024-03-27
CVE-2023-49191	WordPress GDPR Cookie Consent by Supsystic Plugin <= 2.1.2 is vulnerable to Cross Site Scripting (XSS) — GDPR Cookie Consent by SupsysticCWE-79	5.9	Medium	2023-12-15
CVE-2023-45068	WordPress Contact Form by Supsystic Plugin <= 1.7.27 is vulnerable to Cross Site Request Forgery (CSRF) — Contact Form by SupsysticCWE-352	5.4	Medium	2023-10-12
CVE-2023-33926	WordPress Easy Google Maps Plugin <= 1.11.7 is vulnerable to Cross Site Request Forgery (CSRF) — Easy Google MapsCWE-352	7.1	High	2023-05-28
CVE-2023-22714	WordPress Coming Soon by Supsystic Plugin <= 1.7.10 is vulnerable to Cross Site Request Forgery (CSRF) — Coming Soon by SupsysticCWE-352	4.3	Medium	2023-05-22
CVE-2022-47155	WordPress Slider by Supsystic Plugin <= 1.8.5 is vulnerable to Cross Site Request Forgery (CSRF) — Slider by SupsysticCWE-352	4.3	Medium	2023-03-14
CVE-2022-27235	WordPress Social Share Buttons by Supsystic plugin <= 2.2.3 - Multiple Broken Access Control vulnerabilities — Social Share Buttons by Supsystic (WordPress plugin)CWE-264	6.3	Medium	2022-07-22
CVE-2022-33960	WordPress Social Share Buttons by Supsystic plugin <= 2.2.3 - Multiple Authenticated SQL Injection (SQLi) vulnerabilities — Social Share Buttons by Supsystic (WordPress plugin)CWE-89	8.5	High	2022-07-22
CVE-2017-20065	Supsystic Popup Plugin cross-site request forgery — Popup PluginCWE-352	4.3	Medium	2022-06-20
CVE-2021-36891	WordPress Photo Gallery by Supsystic plugin <= 1.15.5 - Cross-Site Request Forgery (CSRF) leading to Plugin Settings Change — Photo Gallery by Supsystic (WordPress plugin)CWE-352	5.4	Medium	2022-06-15
CVE-2021-24276	Contact Form by Supsystic < 1.7.15 - Reflected Cross-Site scripting (XSS) — Contact Form by SupsysticCWE-79	6.1	-	2021-05-05
CVE-2021-24275	Popup by Supsystic < 1.10.5 - Reflected Cross-Site scripting (XSS) — Popup by SupsysticCWE-79	6.1	-	2021-05-05

本页汇总了 Supsystic 厂商截至目前公开的全部 31 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目標達成 すべての支援者に感謝 — 100%達成しました！

Supsystic 厂商漏洞列表 / CVE 中文分析 31

目標達成すべての支援者に感謝 — 100%達成しました！