advplyr — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting advplyr. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Advplyr primarily targets enterprise applications and cloud services, focusing on identifying critical vulnerabilities in web applications and APIs. Historically, the researcher has commonly reported remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often in widely used software products. Advplyr's submissions frequently involve complex exploitation chains that combine multiple vulnerability classes. The researcher maintains a moderate disclosure timeline, typically coordinating with vendors before public release. While no major incidents directly linked to advplyr's reports have been documented, their findings have consistently addressed high-severity issues in commercial and open-source software, contributing to improved security postures across multiple industries.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-27974 | Audiobookshelf Vulnerable to Stored XSS in WrappingMarquee.js via Audiobook Metadata (Mobile App Audio Player) | audiobookshelf-app | CWE-79 | 4.8 | Medium | 2026-02-26 |
| CVE-2026-27963 | Audiobookshelf has Stored XSS in Tooltip.vue via Audiobook Metadata | audiobookshelf | CWE-79 | 4.8 | Medium | 2026-02-26 |
| CVE-2026-27973 | Audiobookshelf has Stored XSS in ItemSearchCard.vue via Audiobook Metadata (Search Results on Mobile App) | audiobookshelf | CWE-79 | 4.0 | Medium | 2026-02-26 |
| CVE-2025-57800 | Audiobookshelf vulnerable to OIDC token exfiltration and account takeover | audiobookshelf | CWE-523 | 8.8 | High | 2025-08-22 |
| CVE-2025-46338 | Audiobookshelf Vulnerable to Cross-Site-Scripting Reflected via POST Request in /api/upload | audiobookshelf | CWE-79 | 5.4 (AI) | Medium (AI) | 2025-04-29 |
| CVE-2025-25205 | Remote Authentication-Bypass can lead to server crash or limited information disclosure due to faulty pattern matching | audiobookshelf | CWE-202 | 8.2 | High | 2025-02-12 |
| CVE-2024-43797 | Path Traversal in audiobookshelf | audiobookshelf | CWE-22 | 6.3 | Medium | 2024-09-02 |
| CVE-2024-35236 | Audiobookshelf Cross-Site-Scripting vulnerability via crafted ebooks | audiobookshelf | CWE-79 | 4.8 | Medium | 2024-05-27 |
| CVE-2023-51665 | Audiobookshelf vulnerable to Blind SSRF in `Auth.js` | audiobookshelf | CWE-918 | 4.3 | Medium | 2023-12-27 |
| CVE-2023-51697 | Audiobookshelf vulnerable to Blind SSRF in `podcastUtils.js` | audiobookshelf | CWE-918 | 4.3 | Medium | 2023-12-27 |
| CVE-2023-47624 | Audiobookshelf Arbitrary File Read Vulnerability | audiobookshelf | CWE-22 | 7.5 | High | 2023-12-13 |
| CVE-2023-47619 | Audiobookshelf Server-Side Request Forgery and Arbitrary File Read Vulnerability | audiobookshelf | CWE-918 | 8.1 | High | 2023-12-13 |

This page lists every published CVE security advisory associated with advplyr. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.