Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

WPDeveloper — Vulnerabilities & Security Advisories 49

Browse all 49 CVE security advisories affecting WPDeveloper. AI-powered Chinese analysis, POCs, and references for each vulnerability.

WPDeveloper operates as a software vendor specializing in WordPress plugins and themes, primarily targeting web developers and site administrators seeking to extend functionality. Historical security audits reveal a pattern of critical vulnerabilities, including forty-nine recorded Common Vulnerabilities and Exposures (CVEs). These flaws predominantly involve remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and improper sanitization of user-supplied data. The high volume of disclosed issues suggests systemic weaknesses in the development lifecycle, particularly regarding secure coding practices and rigorous testing protocols. While specific major incidents are not always publicly detailed, the consistent recurrence of severe bugs indicates a significant risk posture for users relying on these extensions. Consequently, organizations utilizing WPDeveloper products must implement strict monitoring and timely patching strategies to mitigate the inherent exposure to exploitation attempts.

Top products by WPDeveloper: Essential Addons for Elementor Essential Blocks for Gutenberg EmbedPress BetterDocs Templately Essential Addons for Elementor Pro Typing Text BetterLinks NotificationX ReviewX – Multi-criteria Rating & Reviews for WooCommerce Parallax Slider Block SchedulePress Simple 301 Redirects by BetterLinks Document Block – Upload & Embed Docs Secret Meta
CVE IDTitleCVSSSeverityPublished
CVE-2024-43936 WordPress EmbedPress plugin <= 4.0.8 - Cross Site Scripting (XSS) vulnerability — EmbedPressCWE-79 6.5 Medium2024-08-29
CVE-2024-43328 WordPress EmbedPress plugin <= 4.0.9 - Local File Inclusion vulnerability — EmbedPressCWE-22 8.3 High2024-08-19
CVE-2024-43129 WordPress BetterDocs plugin <= 3.5.8 - Local File Inclusion vulnerability — BetterDocsCWE-22 6.5 Medium2024-08-13
CVE-2024-43227 WordPress BetterDocs – Best Documentation, FAQ & Knowledge Base Plugin with AI Support & Instant Answer for Elementor & Gutenberg plugin <= 3.5.8 - Cross Site Scripting (XSS) vulnerability — BetterDocsCWE-79 6.5 Medium2024-08-12
CVE-2024-39649 WordPress Essential Addons for Elementor plugin <= 5.9.26 - Cross Site Scripting (XSS) vulnerability — Essential Addons for ElementorCWE-79 6.5 Medium2024-08-01
CVE-2023-51375 WordPress EmbedPress plugin <= 3.8.3 - Broken Access Control vulnerability — EmbedPressCWE-862 4.3 Medium2024-06-21
CVE-2024-5058 WordPress Typing Text plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability — Typing TextCWE-79 6.5 Medium2024-06-21
CVE-2024-31284 WordPress EmbedPress plugin <= 3.9.8 - Broken Access Control vulnerability — EmbedPressCWE-862 6.5 Medium2024-06-09
CVE-2024-31274 WordPress EmbedPress plugin <= 3.9.11 - Broken Access Control vulnerability — EmbedPressCWE-862 5.3 Medium2024-06-09
CVE-2024-30467 WordPress Essential Blocks plugin <= 4.4.9 - Broken Access Control vulnerability — Essential Blocks for GutenbergCWE-862 6.5 Medium2024-06-09
CVE-2023-41955 WordPress Essential Addons for Elementor plugin <= 5.8.8 - Contributor+ Privilege Escalation vulnerability — Essential Addons for ElementorCWE-269 8.8 High2024-05-17
CVE-2024-32717 WordPress SchedulePress plugin <= 5.0.8 - Broken Access Control vulnerability — SchedulePressCWE-862 6.5 Medium2024-05-09
CVE-2024-31306 WordPress Essential Blocks plugin <= 4.5.3 - Cross Site Scripting (XSS) vulnerability — Essential Blocks for GutenbergCWE-79 6.5 Medium2024-04-07
CVE-2024-30226 WordPress BetterDocs plugin <= 3.3.3 - Unauthenticated PHP Object Injection vulnerability — BetterDocsCWE-502 9.0 Critical2024-03-28
CVE-2023-49184 WordPress Parallax Slider Block Plugin <= 1.2.4 is vulnerable to Cross Site Scripting (XSS) — Parallax Slider BlockCWE-79 5.9 Medium2023-12-15
CVE-2023-32245 WordPress Essential Addons for Elementor Pro Plugin <= 5.4.8 is vulnerable to Server Side Request Forgery (SSRF) — Essential Addons for Elementor ProCWE-352 5.4 Medium2023-11-18
CVE-2022-46809 WordPress ReviewX Plugin <= 1.6.7 is vulnerable to CSV Injection — ReviewX – Multi-criteria Rating & Reviews for WooCommerceCWE-1236 6.1 Medium2023-11-07
CVE-2023-32241 WordPress Essential Addons for Elementor Pro Plugin <= 5.4.8 is vulnerable to Cross Site Scripting (XSS) — Essential Addons for Elementor ProCWE-79 7.1 High2023-08-29
CVE-2023-32243 WordPress Essential Addons for Elementor Plugin 5.4.0-5.7.1 is vulnerable to Privilege Escalation — Essential Addons for ElementorCWE-287 9.8 Critical2023-05-12

This page lists every published CVE security advisory associated with WPDeveloper. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.