Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WPENGINE, INC. — Vulnerabilities & Security Advisories 3

Browse all 3 CVE security advisories affecting WPENGINE, INC.. AI-powered Chinese analysis, POCs, and references for each vulnerability.

WPENGINE provides managed WordPress hosting and related digital experience platforms, serving businesses requiring specialized content management solutions. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from misconfigurations or plugin integration issues. While no major public security incidents have been widely documented, the company maintains three active CVEs, primarily related to access control flaws and input validation weaknesses. WPENGINE emphasizes security through automated updates, firewalls, and malware scanning, though their complex architecture may introduce potential attack surfaces requiring continuous monitoring and patch management.

Top products by WPENGINE, INC.: WP Migrate Advanced Custom Fields PRO Advanced Custom Fields
CVE IDTitleCVSSSeverityPublished
CVE-2025-54940 WordPress plugin Advanced Custom Fields 代码注入漏洞 — Advanced Custom FieldsCWE-94 6.1 -2025-08-08
CVE-2024-37251 WordPress Advanced Custom Fields Pro plugin < 6.3.2 - Cross-Site Request Forgery (CSRF) vulnerability — Advanced Custom Fields PROCWE-352 4.3 Medium2024-12-16
CVE-2024-30225 WordPress WP Migrate plugin <= 2.6.10 - Unauthenticated PHP Object Injection vulnerability — WP MigrateCWE-502 10.0 Critical2024-03-28

This page lists every published CVE security advisory associated with WPENGINE, INC.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.