Browse all 3 CVE security advisories affecting WPoperation. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WPoperation specializes in WordPress security management and maintenance services for businesses. Historically, the service has been associated with vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, contributing to three CVEs on record. Security characteristics include automated vulnerability scanning and patch management, though past incidents highlight challenges in timely updates for client sites. The platform aims to mitigate common WordPress threats but has faced criticism for inconsistent security practices across its managed installations. WPoperation's core value proposition lies in reducing administrative burden while maintaining security postures for WordPress-dependent organizations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-32126 | WordPress SALERT plugin <= 1.2.1 - Broken Access Control vulnerability — SALERTCWE-862 | 4.3 | Medium | 2024-12-09 |
| CVE-2024-24803 | WordPress Ultra Companion Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS) — Ultra Companion – Companion plugin for WPoperation ThemesCWE-79 | 6.5 | Medium | 2024-02-10 |
| CVE-2023-32118 | WordPress SALERT Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS) — SALERT – Fake Sales Notification WooCommerceCWE-79 | 7.1 | High | 2023-06-12 |
This page lists every published CVE security advisory associated with WPoperation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.