Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WPdevart — Vulnerabilities & Security Advisories 38

Browse all 38 CVE security advisories affecting WPdevart. AI-powered Chinese analysis, POCs, and references for each vulnerability.

WpDevArt is a software vendor specializing in premium plugins and extensions for the WordPress content management system. Their portfolio includes tools for page building, SEO optimization, and e-commerce functionality, targeting developers and site administrators seeking enhanced platform capabilities. Security audits have identified thirty-seven Common Vulnerabilities and Exposures (CVEs) associated with their products, indicating a persistent pattern of security deficiencies. Historically, these vulnerabilities frequently manifest as remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and inadequate access controls within the codebase. While no single catastrophic data breach has been publicly attributed solely to WpDevArt, the high volume of disclosed CVEs suggests systemic issues in their development lifecycle. Users are advised to exercise caution, ensuring all components are regularly updated and monitored for known exploits to mitigate potential compromise of their WordPress environments.

Top products by WPdevart: Booking calendar, Appointment Booking System Responsive Image Gallery, Gallery Album Gallery – Image and Video Gallery with Thumbnails Organization chart Responsive Vertical Icon Menu YouTube Embed, Playlist and Popup by WpDevArt Contact Form Builder, Contact Widget Widget Countdown Contact Form Builder Poll, Survey, Questionnaire and Voting system Countdown Timer – Widget Countdown Pricing Table builder Coming soon and Maintenance mode Countdown and CountUp, WooCommerce Sales Timer Image and Video Lightbox, Image PopUp Poll, Survey, Questionnaire and Voting system (WordPress plugin) Countdown and CountUp, WooCommerce Sales Timers
CVE IDTitleCVSSSeverityPublished
CVE-2022-47603 WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS) — Gallery – Image and Video Gallery with ThumbnailsCWE-79 7.1 High2023-03-29
CVE-2022-47438 WordPress Booking calendar, Appointment Booking System Plugin <= 3.2.3 is vulnerable to Cross Site Scripting (XSS) — Booking calendar, Appointment Booking SystemCWE-79 5.9 Medium2023-03-29
CVE-2023-23983 WordPress Responsive Vertical Icon Menu Plugin <= 1.5.8 is vulnerable to Cross Site Request Forgery (CSRF) — Responsive Vertical Icon MenuCWE-352 5.4 Medium2023-02-28
CVE-2023-24384 WordPress Organization chart Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF) — Organization chartCWE-352 4.3 Medium2023-02-23
CVE-2023-24388 WordPress Booking calendar, Appointment Booking System Plugin <= 3.2.3 is vulnerable to Cross Site Request Forgery (CSRF) — Booking calendar, Appointment Booking SystemCWE-352 5.4 Medium2023-02-17
CVE-2022-34656 WordPress Poll, Survey, Questionnaire and Voting system plugin <= 1.7.4 - Authenticated Cross-Site Scripting (XSS) vulnerability — Poll, Survey, Questionnaire and Voting system (WordPress plugin)CWE-79 4.8 Medium2022-09-06
CVE-2021-34636 Countdown and CountUp, WooCommerce Sales Timer <= 1.5.7 Cross-Site Request Forgery to Stored Cross-Site Scripting — Countdown and CountUp, WooCommerce Sales TimersCWE-352 8.8 High2021-09-28
CVE-2021-24442 Poll, Survey, Questionnaire and Voting system < 1.5.3 - Unauthenticated Blind SQL Injection — Poll, Survey, Questionnaire and Voting systemCWE-89 9.8 -2021-07-12

This page lists every published CVE security advisory associated with WPdevart. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.