Browse all 3 CVE security advisories affecting Sygnoos. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Sygnoos provides API security testing solutions focused on identifying vulnerabilities in web services. Historically, the platform has been associated with common vulnerability classes including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws. Security characteristics center on automated API scanning with three publicly disclosed CVEs to date, primarily related to input validation bypasses and insecure direct object references. While no major security incidents have been widely reported, the CVE history suggests consistent challenges in handling complex API authentication mechanisms and parameter sanitization. The platform's effectiveness remains dependent on regular updates to address emerging API attack vectors.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-1685 | Social Media Share Buttons <= 2.1.0 - Authenticated (Subscriber+) PHP Object Injection — Social Media Share ButtonsCWE-502 | 8.8 | High | 2024-03-16 |
| CVE-2022-29495 | WordPress Popup Builder plugin <= 4.1.11 - Cross-Site Request Forgery (CSRF) leading to plugin settings update — Popup Builder (WordPress plugin)CWE-352 | 5.4 | Medium | 2022-07-22 |
| CVE-2022-32289 | WordPress Popup Builder plugin <= 4.1.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to Popup Status Change — Popup Builder (WordPress plugin)CWE-352 | 5.4 | Medium | 2022-07-21 |
This page lists every published CVE security advisory associated with Sygnoos. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.