Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tribulant — Vulnerabilities & Security Advisories 10

Browse all 10 CVE security advisories affecting Tribulant. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tribulant develops WordPress and e-commerce plugins primarily for online stores and digital content management. Historically, their products have frequently contained vulnerabilities including remote code execution, cross-site scripting, and privilege escalation issues, often stemming from insufficient input validation and access control flaws. With 10 CVEs recorded, their plugins have repeatedly exposed users to risks including unauthorized administrative access and data breaches. Security researchers have consistently identified similar patterns across their offerings, indicating systemic weaknesses in secure coding practices. While no major public incidents have been widely documented, the consistent discovery of critical vulnerabilities in their software portfolio suggests ongoing security challenges that require immediate attention from users implementing their solutions.

Top products by Tribulant: Newsletters Slideshow Gallery Slideshow Gallery LITE
CVE IDTitleCVSSSeverityPublished
CVE-2024-43279 WordPress Newsletters plugin <= 4.9.8 - Cross Site Scripting (XSS) vulnerability — NewslettersCWE-79 7.1 High2024-08-18
CVE-2024-37227 WordPress Newsletters plugin <= 4.9.7 - Cross Site Request Forgery (CSRF) vulnerability — Newsletters 4.3 Medium2024-06-21
CVE-2024-35718 WordPress Newsletters plugin <= 4.9.5 - Reflected Cross Site Scripting (XSS) vulnerability — NewslettersCWE-79 7.1 High2024-06-08
CVE-2024-32954 WordPress Newsletters plugin <= 4.9.5 - Arbitrary File Upload vulnerability — NewslettersCWE-434 9.1 Critical2024-04-24
CVE-2024-31354 WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Cross Site Request Forgery (CSRF) vulnerability — Slideshow GalleryCWE-352 4.3 Medium2024-04-12
CVE-2024-31355 WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Auth. SQL Injection vulnerability — Slideshow GalleryCWE-89 8.5 High2024-04-10
CVE-2024-31353 WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Sensitive Data Exposure vulnerability — Slideshow GalleryCWE-532 5.3 Medium2024-04-10
CVE-2023-28491 WordPress Slideshow Gallery Plugin <= 1.7.6 is vulnerable to SQL Injection — Slideshow Gallery LITECWE-89 6.7 Medium2023-12-20
CVE-2023-28497 WordPress Slideshow Gallery Plugin <= 1.7.6 is vulnerable to Cross Site Request Forgery (CSRF) — Slideshow Gallery LITECWE-352 5.4 Medium2023-11-12
CVE-2023-30478 WordPress Newsletters Plugin <= 4.8.8 is vulnerable to Cross Site Request Forgery (CSRF) — NewslettersCWE-352 5.4 Medium2023-11-10

This page lists every published CVE security advisory associated with Tribulant. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.