Browse all 3 CVE security advisories affecting Wokamoto. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Wokamoto develops web application frameworks primarily used for building dynamic content management systems. Historically, vulnerabilities in their products have frequently included remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and improper access controls. Security researchers have identified multiple critical issues in their core components, with three CVEs currently documented. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests a need for enhanced security testing and input sanitization practices in their development lifecycle.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-31528 | WordPress StaticPress plugin <= 0.4.5 - Broken Access Control vulnerability — StaticPressCWE-862 | 4.3 | Medium | 2025-03-31 |
| CVE-2024-0700 | Simple Tweet <= 1.4.0.2 - Authenticated (Author+) Stored Cross-Site Scripting — Simple TweetCWE-79 | 6.4 | Medium | 2024-03-13 |
| CVE-2023-45767 | WordPress Simple Tweet Plugin <= 1.4.0.2 is vulnerable to Cross Site Scripting (XSS) — Simple TweetCWE-79 | 5.9 | Medium | 2023-10-24 |
This page lists every published CVE security advisory associated with Wokamoto. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.