Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WP Shuffle — Vulnerabilities & Security Advisories 7

Browse all 7 CVE security advisories affecting WP Shuffle. AI-powered Chinese analysis, POCs, and references for each vulnerability.

WP Shuffle is a WordPress plugin for drag-and-drop page and template building. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The plugin's complex architecture and extensive use of shortcodes have contributed to these weaknesses. With seven CVEs recorded, security researchers have identified flaws in its access controls, input validation, and file handling mechanisms. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities across different versions suggests ongoing security challenges that require careful maintenance and prompt updates by site administrators.

Top products by WP Shuffle: WP Subscription Forms Subscribe to Download Lite Subscribe to Unlock Lite
CVE IDTitleCVSSSeverityPublished
CVE-2025-68563 WordPress Subscribe to Unlock Lite plugin <= 1.3.0 - Local File Inclusion vulnerability — Subscribe to Unlock LiteCWE-98 7.5 High2025-12-24
CVE-2025-39592 WordPress Subscribe to Unlock Lite plugin <= 1.3.0 - Local File Inclusion Vulnerability — Subscribe to Unlock LiteCWE-98 7.5 High2025-04-16
CVE-2025-39591 WordPress WP Subscription Forms plugin <= 1.2.3 - Broken Access Control Vulnerability — WP Subscription FormsCWE-862 5.4 Medium2025-04-16
CVE-2025-32692 WordPress WP Subscription Forms plugin <= 1.2.4 - Local File Inclusion Vulnerability — WP Subscription FormsCWE-98 7.5 High2025-04-09
CVE-2025-30782 WordPress Subscribe to Download Lite plugin <= 1.2.9 - Local File Inclusion vulnerability — Subscribe to Download LiteCWE-98 7.5 High2025-04-01
CVE-2025-30785 WordPress Subscribe to Download Lite plugin <= 1.2.9 - Local File Inclusion Vulnerability — Subscribe to Download LiteCWE-98 7.5 High2025-03-27
CVE-2025-30784 WordPress WP Subscription Forms plugin <= 1.2.3 - SQL Injection Vulnerability — WP Subscription FormsCWE-89 8.5 High2025-03-27

This page lists every published CVE security advisory associated with WP Shuffle. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.