Browse all 3 CVE security advisories affecting WP Sharks. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WP Sharks develops WordPress security plugins focused on protecting websites from common threats. Historically, their products have been associated with multiple remote code execution vulnerabilities, cross-site scripting issues, and privilege escalation flaws, with three CVEs currently documented. Their security implementations often involve input validation and access control mechanisms. While no major public security incidents have been widely reported, their vulnerability history suggests a pattern of insufficient sanitization in user-facing components. The company's core value proposition centers on providing automated protection for WordPress sites, though their security track record indicates ongoing challenges in preventing common web application vulnerabilities in their plugin ecosystem.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-12563 | s2Member Pro <= 250214 - Authenticated (Contributor+) Local File Inclusion to Remote Code Execution via Shortcode — s2Member ProCWE-98 | 8.8 | High | 2025-03-18 |
| CVE-2024-12562 | s2Member Pro <= 241216 - Unauthenticated PHP Object Injection — s2Member ProCWE-502 | 9.8 | Critical | 2025-02-15 |
| CVE-2024-31237 | WordPress s2Member plugin <= 240315 - Privilege Escalation vulnerability — s2Member ProCWE-269 | 7.5 | High | 2024-05-17 |
This page lists every published CVE security advisory associated with WP Sharks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.