Browse all 3 CVE security advisories affecting WappPress Team. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WappPress Team develops WordPress security plugins focused on protecting websites from common web threats. Historically, their products have been associated with multiple Remote Code Execution (RCE) vulnerabilities, Cross-Site Scripting (XSS) issues, and privilege escalation flaws, often stemming from insufficient input validation and improper access controls. The team has addressed three CVEs to date, highlighting ongoing security challenges in their plugin architecture. While no major public security incidents have been documented, their vulnerability pattern suggests a need for stricter security development practices, particularly in sanitizing user inputs and implementing robust permission mechanisms to prevent unauthorized access and code execution.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-43137 | WordPress WappPress Basic plugin <= 6.0.4 - Cross Site Scripting (XSS) vulnerability — WappPressCWE-79 | 5.9 | Medium | 2024-08-12 |
| CVE-2024-38758 | WordPress WappPress plugin <= 6.0.4 - Blind Server Side Request Forgery (SSRF) vulnerability — WappPressCWE-918 | 4.9 | Medium | 2024-07-20 |
| CVE-2023-49815 | WordPress WappPress plugin <= 5.0.3 - Unauthenticated Arbitrary File Upload vulnerability — WappPressCWE-434 | 10.0 | Critical | 2024-03-27 |
This page lists every published CVE security advisory associated with WappPress Team. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.