Browse all 31 CVE security advisories affecting Supsystic. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Supsystic develops WordPress plugins and themes, primarily focusing on data management, form building, and gallery creation for website administrators. The company’s software portfolio has been associated with thirty-one recorded Common Vulnerabilities and Exposures (CVEs), indicating a significant historical security footprint. These vulnerabilities predominantly involve Cross-Site Scripting (XSS), SQL Injection, and Remote Code Execution (RCE), often stemming from insufficient input validation and improper access controls within the plugin architecture. Several incidents highlight critical privilege escalation flaws that allow unauthenticated users to execute arbitrary code or modify site configurations. While the vendor has issued patches for many disclosed issues, the recurring nature of these defects suggests persistent challenges in secure coding practices. Security researchers continue to monitor Supsystic products for residual risks, particularly in older, unmaintained versions that remain widely deployed across the WordPress ecosystem.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-24274 | Ultimate Maps by Supsystic < 1.2.5 - Reflected Cross-Site scripting (XSS) — Ultimate Maps by SupsysticCWE-79 | 6.1 | - | 2021-05-05 |
This page lists every published CVE security advisory associated with Supsystic. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.