Browse all 3 CVE security advisories affecting Vark. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Vark is a web-based platform primarily used for creating and sharing interactive content. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues. The platform's security posture has been marked by consistent vulnerability patterns, with three CVEs documented to date. These issues typically stem from insufficient input validation and improper access controls. While no major public security incidents have been widely reported, the recurring nature of these vulnerabilities suggests ongoing challenges in secure development practices. The platform's interactive nature increases its attack surface, particularly for client-side exploits.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-41240 | WordPress Pricing Deals for WooCommercePricing Deals for WooCommerce plugin <= 2.0.3.2 - Broken Access Control vulnerability — Pricing Deals for WooCommerceCWE-862 | 5.3 | Medium | 2024-06-12 |
| CVE-2024-33949 | WordPress Min and Max Purchase for WooCommerce plugin <= 2.0.0 - Cross Site Scripting (XSS) vulnerability — Min and Max Purchase for WooCommerceCWE-79 | 6.5 | Medium | 2024-05-02 |
| CVE-2023-30492 | WordPress Minimum Purchase for WooCommerce Plugin <= 2.0.0.1 is vulnerable to Cross Site Scripting (XSS) — Minimum Purchase for WooCommerceCWE-79 | 6.5 | Medium | 2023-10-26 |
This page lists every published CVE security advisory associated with Vark. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.