Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WPZita — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting WPZita. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Wpzita is a WordPress plugin designed to enhance website functionality through various features and integrations. Historically, it has been associated with multiple security vulnerabilities, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation issues. These vulnerabilities often stem from insufficient input validation and improper access controls. The plugin's six recorded CVEs highlight recurring security flaws that could allow attackers to compromise websites. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for unpatched installations. Users are advised to maintain updated versions and implement additional security measures to mitigate potential threats.

Top products by WPZita: Zita Site Library for Elementor Zita Elementor Site Library Z Companion
CVE IDTitleCVSSSeverityPublished
CVE-2026-25319 WordPress Zita Elementor Site Library plugin <= 1.6.6 - Cross Site Request Forgery (CSRF) vulnerability — Zita Elementor Site LibraryCWE-352 4.3 Medium2026-02-19
CVE-2025-2575 Z Companion <= 1.1.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload — Z CompanionCWE-79 6.4 Medium2025-04-11
CVE-2025-30817 WordPress Z Companion plugin <= 1.0.13 - Broken Access Control vulnerability — Z CompanionCWE-862 5.4 Medium2025-03-27
CVE-2024-8921 Zita Elementor Site Library <= 1.6.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload — Zita Site Library for ElementorCWE-79 6.4 Medium2024-10-16
CVE-2024-37420 WordPress Zita Elementor Site Library plugin <= 1.6.1 - Arbitrary Code Execution vulnerability — Zita Elementor Site LibraryCWE-434 9.9 Critical2024-07-09
CVE-2024-3249 Zita Elementor Site Library <= 1.6.2 - Missing Authorization to Page Creation and Options Modification — Zita Site Library for ElementorCWE-862 4.3 Medium2024-06-25

This page lists every published CVE security advisory associated with WPZita. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.