Browse all 3 CVE security advisories affecting WhatArmy. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WhatArmy is a cybersecurity firm specializing in penetration testing and vulnerability assessments for organizations. Their work primarily focuses on identifying security flaws in web applications, APIs, and network infrastructure. Historically, they have commonly discovered vulnerabilities including remote code execution, cross-site scripting (XSS), and privilege escalation flaws. The firm maintains a record of three CVEs for their findings, demonstrating their role in uncovering critical security issues. While no major public incidents are directly attributed to WhatArmy, their contributions to the security community through vulnerability disclosure and remediation assistance have helped organizations strengthen their defenses against common attack vectors.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-25701 | WordPress WatchTowerHQ plugin <= 3.6.16 - Privilege Escalation — WatchTowerHQCWE-269 | 9.8 | Critical | 2024-05-17 |
| CVE-2022-44583 | WordPress WatchTowerHQ plugin <= 3.6.15 - Unauth. Arbitrary File Download vulnerability — WatchTowerHQ (WordPress plugin) | 7.5 | High | 2022-11-18 |
| CVE-2022-44584 | WordPress WatchTowerHQ plugin <= 3.6.15 - Unauth. Arbitrary File Deletion vulnerability — WatchTowerHQ (WordPress plugin) | 9.1 | Critical | 2022-11-18 |
This page lists every published CVE security advisory associated with WhatArmy. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.