Browse all 6 CVE security advisories affecting Webcodin. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Webcodin develops web-based project management and collaboration tools used by organizations worldwide. Historically, their products have been vulnerable to multiple remote code execution (RCE) and cross-site scripting (XSS) flaws, often stemming from insufficient input validation. Privilege escalation vulnerabilities have also been identified, allowing unauthorized access to sensitive project data. The company has six CVEs on record, with several critical RCE issues patched in recent years. While no major public security incidents have been reported, the consistent pattern of vulnerabilities suggests ongoing challenges in secure coding practices, particularly regarding user input handling and access control mechanisms.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-46638 | WordPress WCP OpenWeather Plugin <= 2.5.0 is vulnerable to Cross Site Request Forgery (CSRF) — WCP OpenWeatherCWE-352 | 4.3 | Medium | 2023-11-13 |
| CVE-2023-25471 | WordPress WCP OpenWeather Plugin <= 2.5.0 is vulnerable to Cross Site Scripting (XSS) — WCP OpenWeatherCWE-79 | 7.1 | High | 2023-08-30 |
This page lists every published CVE security advisory associated with Webcodin. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.