Browse all 4 CVE security advisories affecting Weblizar - WordPress Themes & Plugin. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Weblizar develops WordPress themes and plugins to enhance website functionality and design. Historically, their products have been susceptible to multiple security vulnerabilities, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation, as evidenced by four recorded CVEs. These vulnerabilities often stem from insufficient input validation and improper access controls. While no major public security incidents have been widely documented, the consistent presence of CVEs indicates ongoing security challenges. Organizations using Weblizar's products should maintain regular updates and implement security best practices to mitigate potential risks associated with these common WordPress vulnerability classes.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-69022 | WordPress HR Management Lite plugin <= 3.6 - Broken Access Control vulnerability — HR Management LiteCWE-862 | 5.4 | Medium | 2025-12-30 |
| CVE-2025-29005 | WordPress HR Management Lite plugin <= 3.6 - Cross Site Request Forgery (CSRF) vulnerability — HR Management LiteCWE-352 | 4.3 | Medium | 2025-06-06 |
| CVE-2025-30808 | WordPress About Author plugin <= 1.6.2 - Reflected Cross Site Scripting (XSS) vulnerability — About AuthorCWE-79 | 7.1 | High | 2025-04-01 |
| CVE-2024-49280 | WordPress Lightbox slider -- Responsive Lightbox Gallery plugin <= 1.10.6 - Cross Site Scripting (XSS) vulnerability — Lightbox slider – Responsive Lightbox GalleryCWE-79 | 6.5 | Medium | 2024-10-17 |
This page lists every published CVE security advisory associated with Weblizar - WordPress Themes & Plugin. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.