Browse all 4 CVE security advisories affecting Web-Settler. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Web-Settler is a web application framework primarily used for building and deploying enterprise-level web solutions. Historically, it has been susceptible to multiple vulnerability classes including remote code execution, cross-site scripting, and privilege escalation, as evidenced by its four recorded CVEs. The framework's modular architecture has introduced security challenges through insecure default configurations and insufficient input validation. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities in its core components suggests a need for rigorous hardening and regular security assessments when implementing Web-Settler in production environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-24379 | WordPress Landing Page Builder – Free Landing Page Templates plugin <= 3.1.9.9 - Local File Inclusion vulnerability — Landing Page Builder – Free Landing Page TemplatesCWE-22 | 6.8 | Medium | 2024-05-17 |
| CVE-2023-47227 | WordPress Social Feed | All social media in one place Plugin <= 1.5.4.6 is vulnerable to Cross Site Scripting (XSS) — Social Feed | All social media in one placeCWE-79 | 5.9 | Medium | 2023-11-08 |
| CVE-2023-24412 | WordPress Image Social Feed Plugin Plugin <= 1.7.6 is vulnerable to Cross Site Scripting (XSS) — Image Social FeedCWE-79 | 5.9 | Medium | 2023-09-01 |
| CVE-2021-36851 | WordPress Testimonial Slider plugin <= 3.5.8.3 - Cross-Site Scripting (XSS) vulnerability — Testimonial Slider – Free Testimonials Slider Plugin (WordPress plugin)CWE-79 | 4.1 | Medium | 2022-04-04 |
This page lists every published CVE security advisory associated with Web-Settler. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.