Browse all 5 CVE security advisories affecting aharonyan. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Aharonyan develops software components primarily used in web applications and content management systems. Historically, vulnerabilities associated with this developer include remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and insecure authentication mechanisms. Security assessments have identified multiple instances of stored XSS vulnerabilities in form handlers and RCE risks in file upload components. While no major public security incidents have been documented, the consistent pattern of similar vulnerability classes across multiple CVEs suggests potential systemic weaknesses in secure coding practices. The five recorded CVEs primarily affect versions 2.x through 4.x of their flagship product, with patches available for all reported issues.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13419 | Guest posting / Frontend Posting / Front Editor – WP Front User Submit <= 5.0.0 - Missing Authorization to Unauthenticated Media Deletion — Guest posting / Frontend Posting / Front Editor – WP Front User SubmitCWE-862 | 5.3 | Medium | 2026-01-07 |
| CVE-2024-2967 | Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor <= 4.4.7 - Authenticated (Admin+) Stored Cross-Site Scripting — Guest posting / Frontend Posting / Front Editor – WP Front User SubmitCWE-79 | 4.4 | Medium | 2024-05-02 |
This page lists every published CVE security advisory associated with aharonyan. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.