Browse all 3 CVE security advisories affecting WPOmnia. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WPOmnia is a WordPress management platform designed for centralized control of multiple WordPress sites. Historically, it has been susceptible to various vulnerability classes including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation, with three CVEs currently documented. The platform's security characteristics include its role as a single point of management that, if compromised, could affect multiple websites simultaneously. While no major public security incidents have been widely reported, the presence of CVEs indicates potential risks that administrators should address through timely updates and proper hardening of the platform.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-33589 | WordPress KB Support plugin <= 1.6.0 - Broken Access Control vulnerability — KB SupportCWE-862 | 6.5 | Medium | 2024-04-29 |
| CVE-2023-37890 | WordPress KB Support Plugin <= 1.5.88 is vulnerable to Broken Access Control — KB Support – WordPress Help Desk and Knowledge BaseCWE-862 | 4.3 | Medium | 2023-11-30 |
| CVE-2023-25983 | WordPress KB Support Plugin <= 1.5.84 is vulnerable to CSV Injection — KB SupportCWE-1236 | 7.1 | - | 2023-11-07 |
This page lists every published CVE security advisory associated with WPOmnia. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.