Browse all 3 CVE security advisories affecting alttextai. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Alttextai provides automated image description generation for accessibility and SEO purposes. Historically, the platform has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its three recorded CVEs. These vulnerabilities often stem from improper input validation and insufficient access controls in web interfaces and API endpoints. While no major public security incidents have been documented, the consistent pattern of critical vulnerabilities suggests ongoing challenges in secure development practices. The company's rapid feature development may contribute to security gaps, requiring stronger emphasis on secure coding and regular penetration testing to address systemic risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-25348 | WordPress Download Alt Text AI plugin <= 1.10.15 - Broken Access Control vulnerability — Download Alt Text AICWE-862 | 5.3 | Medium | 2026-02-19 |
| CVE-2025-46232 | WordPress Download Alt Text AI plugin <= 1.9.93 - Broken Access Control Vulnerability — Download Alt Text AICWE-862 | 4.3 | Medium | 2025-04-22 |
This page lists every published CVE security advisory associated with alttextai. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.