Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tribulant Software — Vulnerabilities & Security Advisories 10

Browse all 10 CVE security advisories affecting Tribulant Software. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tribulant Software develops e-commerce and content management solutions, with 10 CVEs recorded primarily involving remote code execution, cross-site scripting, and privilege escalation vulnerabilities. Historically, their products have shown weaknesses in input validation and access control, allowing attackers to execute unauthorized commands or compromise user accounts. While no major public security incidents have been documented, the consistent pattern of vulnerabilities suggests potential risks for organizations using their platforms without proper hardening. Security researchers have identified multiple flaws that could lead to complete system compromise if exploited, emphasizing the need for regular patching and security assessments for deployments of their software.

Top products by Tribulant Software: Newsletters Slideshow Gallery Tribulant Gallery Voting Snow Storm
CVE IDTitleCVSSSeverityPublished
CVE-2025-67911 WordPress Newsletters plugin <= 4.11 - PHP Object Injection vulnerability — NewslettersCWE-502 9.8 Critical2026-01-08
CVE-2025-69020 WordPress Newsletters plugin <= 4.12 - Cross Site Scripting (XSS) vulnerability — NewslettersCWE-79 6.5 Medium2025-12-30
CVE-2025-54034 WordPress Newsletters plugin <= 4.10 - Local File Inclusion vulnerability — NewslettersCWE-98 7.5 High2025-08-20
CVE-2025-54035 WordPress Newsletters plugin <= 4.10 - Cross Site Request Forgery (CSRF) Vulnerability — NewslettersCWE-352 4.3 Medium2025-07-16
CVE-2025-30858 WordPress Snow Storm plugin <= 1.4.6 - Reflected Cross Site Scripting (XSS) vulnerability — Snow StormCWE-79 7.1 High2025-04-03
CVE-2025-30921 WordPress Newsletters plugin <= 4.9.9.7 - SQL Injection vulnerability — NewslettersCWE-89 7.6 High2025-03-27
CVE-2025-26931 WordPress Tribulant Gallery Voting plugin <= 1.2.1 - CSRF to Stored XSS vulnerability — Tribulant Gallery VotingCWE-352 7.1 High2025-02-25
CVE-2025-24599 WordPress Newsletters plugin <= 4.9.9.6 - Reflected Cross Site Scripting (XSS) vulnerability — NewslettersCWE-79 7.1 High2025-02-04
CVE-2024-47346 WordPress Newsletters plugin <= 4.9.9.1 - Reflected Cross Site Scripting (XSS) vulnerability — NewslettersCWE-79 7.1 High2024-10-06
CVE-2024-47376 WordPress Slideshow Gallery LITE plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability — Slideshow GalleryCWE-79 5.9 Medium2024-10-05

This page lists every published CVE security advisory associated with Tribulant Software. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.