Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WP CodeUs — Vulnerabilities & Security Advisories 7

Browse all 7 CVE security advisories affecting WP CodeUs. AI-powered Chinese analysis, POCs, and references for each vulnerability.

WP Codeus is a WordPress plugin that provides code execution and management functionality for developers. Historically, it has been associated with multiple critical vulnerabilities including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation issues. The plugin's security record shows seven CVEs, with several allowing unauthenticated attackers to execute arbitrary code or manipulate site functionality. Notable characteristics include improper input validation and insufficient access controls in its core functions. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities across multiple versions indicates ongoing security challenges that require careful implementation and regular updates by users.

Top products by WP CodeUs: Advanced Sermons WP Proposals Ultimate Client Dash
CVE IDTitleCVSSSeverityPublished
CVE-2025-57965 WordPress WP Proposals Plugin <= 2.3 - Cross Site Scripting (XSS) Vulnerability — WP ProposalsCWE-79 6.5 Medium2025-09-22
CVE-2025-58811 WordPress Ultimate Client Dash Plugin <= 4.7 - Cross Site Scripting (XSS) Vulnerability — Ultimate Client DashCWE-79 5.9 Medium2025-09-05
CVE-2025-49863 WordPress Advanced Sermons plugin <= 3.6 - Cross Site Scripting (XSS) Vulnerability — Advanced SermonsCWE-79 6.5 Medium2025-06-17
CVE-2025-31837 WordPress WP Proposals plugin <= 2.3 - Cross Site Scripting (XSS) vulnerability — WP ProposalsCWE-79 5.9 Medium2025-04-01
CVE-2024-50458 WordPress Advanced Sermons plugin <= 3.4 - Cross Site Scripting (XSS) vulnerability — Advanced SermonsCWE-79 6.5 Medium2024-10-28
CVE-2024-29928 WordPress Advanced Sermons plugin <= 3.1 - Reflected Cross Site Scripting (XSS) vulnerability — Advanced SermonsCWE-79 7.1 High2024-03-27
CVE-2024-27952 WordPress Advanced Sermons plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability — Advanced SermonsCWE-79 7.1 High2024-03-13

This page lists every published CVE security advisory associated with WP CodeUs. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.