Browse all 7 CVE security advisories affecting WebsiteBaker. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WebsiteBaker serves as a lightweight content management system enabling users to build and maintain websites without technical expertise. Historically, it has been susceptible to multiple security vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, contributing to its seven recorded CVEs. The platform's modular architecture and extensibility have introduced potential attack vectors through third-party plugins. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests ongoing challenges in secure development practices. Users should implement strict input validation and regular updates to mitigate risks associated with this aging CMS platform.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-47788 | WebsiteBaker 2.13.0 - Remote Code Execution (RCE) (Authenticated) — WebsiteBakerCWE-434 | 8.8 | High | 2026-01-15 |
| CVE-2023-53953 | WebsiteBaker 2.13.3 Stored Cross-Site Scripting via Page Creation — WebsiteBakerCWE-79 | 5.4 | Medium | 2025-12-19 |
| CVE-2023-53903 | WebsiteBaker 2.13.3 Stored Cross-Site Scripting via SVG File Upload — WebsiteBakerCWE-79 | 5.4 | Medium | 2025-12-16 |
| CVE-2023-53902 | WebsiteBaker 2.13.3 Directory Traversal via Media Delete Endpoint — WebsiteBakerCWE-22 | 6.5 | Medium | 2025-12-16 |
| CVE-2011-4322 | websitebaker 访问控制错误漏洞 — websitebaker | 7.5 | - | 2020-01-21 |
| CVE-2011-2933 | WebsiteBaker 代码问题漏洞 — WebsiteBaker | 7.2 | - | 2020-01-14 |
| CVE-2011-2934 | WebsiteBaker 跨站请求伪造漏洞 — WebsiteBaker | 8.8 | - | 2020-01-14 |
This page lists every published CVE security advisory associated with WebsiteBaker. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.