Browse all 7 CVE security advisories affecting Surbma. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Surbma is a web application primarily used for content management and e-commerce platforms. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting (XSS), and privilege escalation vulnerabilities. The application has accumulated 7 CVEs to date, with several critical flaws allowing attackers to execute arbitrary code or bypass security controls. While no major public security incidents have been widely reported, the consistent discovery of vulnerabilities in core functionality suggests ongoing security challenges that require regular patching and careful configuration to mitigate risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-7649 | Surbma | Recent Comments Shortcode <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Surbma | Recent Comments ShortcodeCWE-79 | 6.4 | Medium | 2025-08-16 |
This page lists every published CVE security advisory associated with Surbma. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.