Browse all 5 CVE security advisories affecting VaultDweller. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Vaultdweller primarily develops security tools and vulnerability research, focusing on identifying and mitigating software flaws. Historically, their work has centered on remote code execution, cross-site scripting, and privilege escalation vulnerabilities across various platforms. Notable characteristics include detailed technical analysis and proof-of-concept code for discovered issues. While no major public incidents are directly attributed to vaultdweller, their contributions to the CVE program demonstrate consistent engagement with the security community. Their research often targets widely-used software, highlighting critical weaknesses that could lead to system compromise if unaddressed.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-52805 | WordPress Leyka plugin <= 3.32.1 - Local File Inclusion vulnerability — LeykaCWE-35 | 7.5 | High | 2025-07-04 |
| CVE-2025-53275 | WordPress Leyka plugin <= 3.32.1 - Cross Site Scripting (XSS) vulnerability — LeykaCWE-79 | 6.5 | Medium | 2025-06-27 |
| CVE-2025-26766 | WordPress Leyka plugin <= 3.31.8 - Cross Site Scripting (XSS) vulnerability — LeykaCWE-79 | 6.5 | Medium | 2025-02-16 |
| CVE-2024-49252 | WordPress leyka plugin <=3.31.6 - Broken Access Control vulnerability — LeykaCWE-497 | 5.3 | Medium | 2024-10-16 |
| CVE-2023-4917 | Leyka <= 3.30.7 - Authenticated (Subscriber+) Sensitive Information Exposure — LeykaCWE-200 | 5.3 | Medium | 2023-09-13 |
This page lists every published CVE security advisory associated with VaultDweller. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.