Browse all 5 CVE security advisories affecting WPPOOL. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WPPOOL is a WordPress resource provider offering themes, plugins, and tutorials for website development. Historically, their products have been associated with multiple security vulnerabilities, including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation issues. These vulnerabilities often stem from insufficient input validation, insecure direct object references, and inadequate access controls. While no major public security incidents have been widely documented, the five CVEs attributed to WPPOOL highlight ongoing security concerns in their ecosystem. Their plugins and themes, while popular, have occasionally contained flaws that could allow attackers to compromise websites, underscoring the importance of regular security audits and updates for users of their products.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-30765 | WordPress FlexStock plugin <= 3.13.1 - SQL Injection Vulnerability — FlexStockCWE-89 | 7.6 | High | 2025-03-27 |
This page lists every published CVE security advisory associated with WPPOOL. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.