Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WPBean — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting WPBean. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Wpbean develops WordPress-focused security plugins and tools, primarily aimed at hardening websites against common web threats. Historically, its products have been associated with multiple security vulnerabilities, including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation issues, with 12 CVEs documented to date. These vulnerabilities often stem from insufficient input validation and improper access controls in plugin interfaces. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests ongoing challenges in secure development practices, potentially leaving users exposed to compromise if proper hardening measures aren't implemented.

Top products by WPBean: WPB Addons for Elementor – News Ticker, Timeline, Team & More Widgets WPB Elementor Addons WPB Popup for Contact Form 7 – Showing Contact Form 7 Popup on Button Click Request a Quote for WooCommerce – Get a Quote Button WP Post List Table Our Team Members WPB Category Slider for WooCommerce WPB Image Widget WPB Quick View for WooCommerce Advance Portfolio Grid
CVE IDTitleCVSSSeverityPublished
CVE-2025-57967 WordPress WPB Quick View for WooCommerce plugin <= 2.1.8 - Cross Site Scripting (XSS) vulnerability — WPB Quick View for WooCommerceCWE-79 6.5 Medium2025-09-22
CVE-2025-57982 WordPress Advance Portfolio Grid plugin <= 1.07.6 - Cross Site Scripting (XSS) vulnerability — Advance Portfolio GridCWE-79 5.9 Medium2025-09-22
CVE-2025-58858 WordPress WPB Image Widget Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability — WPB Image WidgetCWE-79 6.5 Medium2025-09-05
CVE-2025-58793 WordPress WPB Elementor Addons plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability — WPB Elementor AddonsCWE-79 6.5 Medium2025-09-05
CVE-2025-53281 WordPress WPB Category Slider for WooCommerce plugin <= 1.71 - Local File Inclusion Vulnerability — WPB Category Slider for WooCommerceCWE-98 7.5 High2025-06-27
CVE-2025-30802 WordPress Our Team Members plugin <= 2.2 - Sensitive Data Exposure vulnerability — Our Team MembersCWE-497 4.3 Medium2025-04-01
CVE-2024-13664 WP Post List Table <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — WP Post List TableCWE-79 6.4 Medium2025-01-30
CVE-2024-11034 Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation <= 1.4 - Unauthenticated Arbitrary Shortcode Execution via fire_contact_form — Request a Quote for WooCommerce – Get a Quote ButtonCWE-94 7.3 High2024-11-23
CVE-2024-11038 WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7 Popup <= 1.7.5 - Unauthenticated Arbitrary Shortcode Execution via wpb_pcf_fire_contact_form — WPB Popup for Contact Form 7 – Showing Contact Form 7 Popup on Button ClickCWE-94 7.3 High2024-11-19
CVE-2024-34791 WordPress WPB Elementor Addons plugin <= 1.0.9 - Cross Site Scripting (XSS) vulnerability — WPB Elementor AddonsCWE-79 6.5 Medium2024-06-03
CVE-2024-3063 WPB Elementor Addons <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting — WPB Addons for Elementor – News Ticker, Timeline, Team & More WidgetsCWE-79 6.4 Medium2024-05-30
CVE-2024-4896 WPB Elementor Addons <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter — WPB Addons for Elementor – News Ticker, Timeline, Team & More WidgetsCWE-79 6.4 Medium2024-05-22

This page lists every published CVE security advisory associated with WPBean. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.