Browse all 7 CVE security advisories affecting a3rev. AI-powered Chinese analysis, POCs, and references for each vulnerability.
a3rev develops software primarily used for content management and digital publishing, with its products often handling user-generated data and administrative functions. Historically, vulnerabilities in their code have frequently involved cross-site scripting (XSS) and remote code execution (RCE), often stemming from insufficient input validation and insecure direct object references. The company has addressed multiple privilege escalation issues in administrative interfaces, allowing unauthorized access to sensitive functions. While no major public security incidents have been widely documented, their consistent presence in CVE records suggests ongoing challenges in secure coding practices, particularly in how they handle user permissions and data processing within their publishing platforms.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-2816 | Page View Count 2.8.0 - 2.8.4 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update — Page View CountCWE-862 | 8.1 | High | 2025-05-01 |
This page lists every published CVE security advisory associated with a3rev. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.