Browse all 10 CVE security advisories affecting Tribulant. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Tribulant develops WordPress and e-commerce plugins primarily for online stores and digital content management. Historically, their products have frequently contained vulnerabilities including remote code execution, cross-site scripting, and privilege escalation issues, often stemming from insufficient input validation and access control flaws. With 10 CVEs recorded, their plugins have repeatedly exposed users to risks including unauthorized administrative access and data breaches. Security researchers have consistently identified similar patterns across their offerings, indicating systemic weaknesses in secure coding practices. While no major public incidents have been widely documented, the consistent discovery of critical vulnerabilities in their software portfolio suggests ongoing security challenges that require immediate attention from users implementing their solutions.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-28491 | WordPress Slideshow Gallery Plugin <= 1.7.6 is vulnerable to SQL Injection — Slideshow Gallery LITECWE-89 | 6.7 | Medium | 2023-12-20 |
| CVE-2023-28497 | WordPress Slideshow Gallery Plugin <= 1.7.6 is vulnerable to Cross Site Request Forgery (CSRF) — Slideshow Gallery LITECWE-352 | 5.4 | Medium | 2023-11-12 |
This page lists every published CVE security advisory associated with Tribulant. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.