Browse all 14 CVE security advisories affecting astoundify. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Astoundify develops WordPress plugins and themes for digital marketing and e-commerce, with 14 CVEs recorded. Historically, vulnerabilities have included stored cross-site scripting (XSS), remote code execution (RCE), and privilege escalation, often stemming from insufficient input validation and improper access controls. Notable security characteristics include frequent use of deprecated functions and inconsistent sanitization practices. While no major public incidents have been widely documented, the pattern of vulnerabilities suggests ongoing challenges in secure coding practices. The company's products remain popular despite these issues, indicating a need for improved security measures to address recurring flaws in their codebase.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-28042 | WordPress Listify plugin <= 3.2.5 - Reflected Cross Site Scripting (XSS) vulnerability — ListifyCWE-79 | 7.1 | High | 2026-03-05 |
| CVE-2025-59009 | WordPress Listify theme <= 3.2.5 - Cross Site Request Forgery (CSRF) vulnerability — ListifyCWE-352 | 4.3 | Medium | 2025-12-16 |
This page lists every published CVE security advisory associated with astoundify. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.