Browse all 15 CVE security advisories affecting VowelWeb. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Vowelweb is a web application framework primarily used for building dynamic websites and web services. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its 15 recorded CVEs. The framework's security posture has been characterized by inconsistent input validation and insufficient access controls in earlier versions. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities across multiple CVEs suggests ongoing challenges in secure coding practices. Recent versions have shown improved security, but legacy deployments may remain vulnerable to exploitation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-39385 | WordPress Sirat theme <= 1.5.1 - Broken Access Control vulnerability — SiratCWE-862 | 4.3 | Medium | 2025-04-24 |
This page lists every published CVE security advisory associated with VowelWeb. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.