Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WPMU DEV — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting WPMU DEV. AI-powered Chinese analysis, POCs, and references for each vulnerability.

WPMU DEV provides WordPress multisite solutions, including themes, plugins, and hosting services, enabling scalable website management. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls. While no major public security incidents have been widely documented, their 11 recorded CVEs highlight recurring security challenges in their plugin ecosystem, particularly in areas handling user authentication and file operations. The company has addressed these issues through patches, but the persistence of certain vulnerability classes suggests ongoing challenges in secure coding practices across their product line.

Top products by WPMU DEV: Forminator Defender Security Defender Security – Malware Scanner, Login Security & Firewall Broken Link Checker Branda
CVE IDTitleCVSSSeverityPublished
CVE-2024-45625 WordPress plugin Forminator Forms 安全漏洞 — Forminator 6.1AIMediumAI2024-09-09
CVE-2023-51542 WordPress Branda plugin <= 3.4.14 - IP Restriction Bypass vulnerability — BrandaCWE-290 5.3 Medium2024-06-04
CVE-2023-47189 WordPress Defender Security plugin <= 4.2.0 - Masked Login Area View Bypass vulnerability — Defender SecurityCWE-287 5.3 Medium2024-06-04
CVE-2024-25595 WordPress Defender Security plugin <= 4.4.1 - IP Restriction Bypass vulnerability — Defender SecurityCWE-290 5.3 Medium2024-05-17
CVE-2022-44581 WordPress Defender Security plugin <= 3.3.2 - Broken Authentication vulnerability — Defender SecurityCWE-922 5.0 Medium2024-05-17
CVE-2024-28890 WordPress plugin Forminator 安全漏洞 — Forminator 9.8 -2024-04-23
CVE-2024-31077 WordPress plugin Forminator 安全漏洞 — Forminator 7.2 -2024-04-23
CVE-2024-31857 WordPress plugin Forminator 安全漏洞 — Forminator 6.1 -2024-04-23
CVE-2024-25592 WordPress Broken Link Checker plugin <= 2.2.3 - Cross Site Scripting (XSS) vulnerability — Broken Link CheckerCWE-79 5.9 Medium2024-03-15
CVE-2023-51490 WordPress Defender Security Plugin <= 4.1.0 is vulnerable to Sensitive Data Exposure — Defender Security – Malware Scanner, Login Security & FirewallCWE-532 5.3 Medium2024-01-08
CVE-2021-36821 WordPress Forminator plugin <= 1.14.11 - Stored Cross-Site Scripting (XSS) vulnerability — ForminatorCWE-79 7.1 High2023-03-16

This page lists every published CVE security advisory associated with WPMU DEV. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.