Browse all 5 CVE security advisories affecting Twinpictures. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Twinpictures develops digital asset management solutions primarily for media and creative industries, focusing on image and video organization. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and access control flaws. While no major public security incidents have been widely documented, the five CVEs attributed to the vendor highlight consistent weaknesses in authentication mechanisms and file handling processes. Their software typically requires hardening against unauthenticated RCE risks and insufficient session management protections, particularly in web-based components handling user-generated content.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-9884 | T(-) Countdown <= 2.4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — T(-) CountdownCWE-79 | 6.4 | Medium | 2024-10-30 |
| CVE-2024-33936 | WordPress Print-O-Matic plugin <= 2.1.10 - Auth. Cross Site Scripting (XSS) vulnerability — Print-O-MaticCWE-79 | 6.5 | Medium | 2024-05-03 |
| CVE-2024-33598 | WordPress Annual Archive plugin <= 1.6.0 - Cross Site Scripting (XSS) vulnerability — Annual ArchiveCWE-79 | 5.9 | Medium | 2024-04-26 |
| CVE-2023-49847 | WordPress Annual Archive Plugin <= 1.6.0 is vulnerable to Cross Site Scripting (XSS) — Annual ArchiveCWE-79 | 6.5 | Medium | 2023-12-14 |
| CVE-2023-32578 | WordPress Column-Matic Plugin <= 1.3.3 is vulnerable to Cross Site Scripting (XSS) — Column-MaticCWE-79 | 6.5 | Medium | 2023-09-04 |
This page lists every published CVE security advisory associated with Twinpictures. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.