Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Winwar Media — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting Winwar Media. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Winwar Media develops digital content management solutions primarily serving media and publishing industries. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and access control flaws. The company has accumulated six CVEs to date, with several critical RCE issues in their flagship platform allowing unauthorized system compromise. While no major public security incidents have been documented, their vulnerability history suggests consistent weaknesses in secure coding practices, particularly around user input handling and session management, requiring ongoing remediation efforts to maintain secure operations.

Top products by Winwar Media: WP Email Capture Inline Tweet Sharer – Twitter Sharing Plugin WP eBay Product Feeds WP Flipclock WordPress Email Marketing Plugin – WP Email Capture
CVE IDTitleCVSSSeverityPublished
CVE-2023-28421 WordPress WordPress Email Marketing Plugin – WP Email Capture Plugin <= 3.10 is vulnerable to Sensitive Data Exposure — WordPress Email Marketing Plugin – WP Email CaptureCWE-200 5.3 Medium2023-12-21
CVE-2023-23724 WordPress WordPress Email Marketing Plugin – WP Email Capture Plugin <= 3.9.3 is vulnerable to Cross Site Request Forgery (CSRF) — WP Email CaptureCWE-352 4.3 Medium2023-05-23
CVE-2023-23723 WordPress WordPress Email Marketing Plugin – WP Email Capture Plugin <= 3.9.3 is vulnerable to Cross Site Scripting (XSS) — WP Email CaptureCWE-79 5.9 Medium2023-05-02
CVE-2023-24005 WordPress Inline Tweet Sharer – Twitter Sharing Plugin Plugin <= 2.5.3 is vulnerable to Cross Site Scripting (XSS) — Inline Tweet Sharer – Twitter Sharing PluginCWE-79 5.9 Medium2023-04-25
CVE-2023-23722 WordPress WP eBay Product Feeds Plugin <= 3.3.1 is vulnerable to Cross Site Scripting (XSS) — WP eBay Product FeedsCWE-79 5.9 Medium2023-03-23
CVE-2023-23728 WordPress WP Flipclock Plugin <= 1.7.4 is vulnerable to Cross Site Scripting (XSS) — WP FlipclockCWE-79 6.5 Medium2023-03-23

This page lists every published CVE security advisory associated with Winwar Media. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.