Browse all 11 CVE security advisories affecting WordPlus. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WordPlus is a document processing software primarily used for creating, editing, and managing text-based files with advanced formatting capabilities. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its 11 recorded CVEs. The application's complex macro system and extensive plugin architecture have frequently introduced security risks, allowing attackers to execute arbitrary code through malicious document attachments. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities across multiple versions suggests ongoing challenges in secure development practices, particularly regarding input validation and sandboxing of untrusted content.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-32802 | WordPress Better Messages plugin <= 2.4.32 - Broken Authentication vulnerability — BP Better MessagesCWE-862 | 5.3 | Medium | 2024-05-17 |
This page lists every published CVE security advisory associated with WordPlus. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.