Browse all 3 CVE security advisories affecting WebberZone. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WebberZone develops WordPress plugins for content management and monetization purposes, with three publicly disclosed CVEs primarily involving stored cross-site scripting (XSS) and remote code execution (RCE) vulnerabilities. Historically, these plugins have been susceptible to input validation flaws leading to unauthorized access and arbitrary code execution. Security assessments indicate consistent patterns in insufficient sanitization of user-supplied data and improper privilege management, enabling authenticated attackers to escalate privileges. No major public security incidents have been documented, though the vulnerabilities present significant risks for websites handling user-generated content. The plugin suite requires regular updates to mitigate these recurring security weaknesses.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-25993 | WordPress Top 10 – Popular posts plugin for WordPress plugin <= 3.2.3 - Broken Access Control vulnerability — Top 10CWE-862 | 4.3 | Medium | 2024-12-09 |
| CVE-2024-29142 | WordPress Better Search plugin <= 3.3.0 - Stored Cross Site Scripting (XSS) vulnerability — Better Search – Relevant search results for WordPressCWE-79 | 7.1 | High | 2024-03-19 |
| CVE-2023-47238 | WordPress Top 10 Plugin <= 3.3.2 is vulnerable to Cross Site Request Forgery (CSRF) — Top 10 – WordPress Popular posts by WebberZoneCWE-352 | 4.3 | Medium | 2023-11-09 |
This page lists every published CVE security advisory associated with WebberZone. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.