Browse all 3 CVE security advisories affecting WordLift. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Wordlift is a WordPress plugin that enhances content with semantic markup and AI-powered SEO optimization. Historically, Wordlift has been susceptible to multiple security vulnerabilities, including cross-site scripting (XSS) and remote code execution (RCE) flaws, often stemming from insufficient input validation and improper sanitization. The plugin's three recorded CVEs highlight recurring issues in how it handles user data and integrates with WordPress. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests that Wordlift's complex functionality and third-party integrations present ongoing security challenges that require careful implementation and regular updates.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-53582 | WordPress WordLift Plugin <= 3.54.5 - Cross Site Scripting (XSS) Vulnerability — WordLiftCWE-79 | 6.5 | Medium | 2025-08-14 |
| CVE-2025-30624 | WordPress WordLift plugin <= 3.54.4 - Broken Access Control Vulnerability — WordLiftCWE-862 | 4.3 | Medium | 2025-06-06 |
This page lists every published CVE security advisory associated with WordLift. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.