ays-pro — Vulnerabilities & Security Advisories 37

Browse all 37 CVE security advisories affecting ays-pro. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ays-pro functions as a comprehensive enterprise resource planning and customer relationship management platform, primarily serving mid-to-large organizations for operational management. Its extensive feature set has historically exposed it to a wide array of security flaws, with thirty-seven Common Vulnerabilities and Exposures currently documented. These vulnerabilities predominantly involve remote code execution, cross-site scripting, and SQL injection, often stemming from insufficient input validation and improper access controls. Several incidents highlight critical privilege escalation risks, allowing unauthorized users to gain administrative access or execute arbitrary commands on the underlying server infrastructure. The complexity of the application’s architecture has contributed to these persistent weaknesses, making regular patching and rigorous security auditing essential for deployment. Organizations utilizing ays-pro must prioritize strict configuration management to mitigate the risk of data breaches and system compromise associated with these known defects.

Found 8 results / 37

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-12620 | Poll Maker – Versus Polls, Anonymous Polls, Image Polls <= 6.0.7 - Authenticated (Administrator+) SQL Injection via `filterbyauthor` Parameter | Poll Maker – Versus Polls, Anonymous Polls, Image Polls | CWE-89 | 4.9 | Medium | 2025-11-13 |
| CVE-2024-12575 | Poll Maker – Versus Polls, Anonymous Polls, Image Polls <= 5.8.9 - Unauthenticated Basic Information Exposure | Poll Maker – Versus Polls, Anonymous Polls, Image Polls | CWE-200 | 5.3 | Medium | 2025-08-16 |
| CVE-2024-12115 | Poll Maker <= 5.5.4 - Cross-Site Request Forgery to Poll Duplication | Poll Maker – Versus Polls, Anonymous Polls, Image Polls | CWE-352 | 4.3 | Medium | 2024-12-07 |
| CVE-2024-9874 | WordPress Poll Maker Plugin <= 5.4.6 - Authenticated (Administrator+) Time-Based SQL Injection | Poll Maker – Versus Polls, Anonymous Polls, Image Polls | CWE-89 | 4.9 | Medium | 2024-11-09 |
| CVE-2024-9462 | Poll Maker – Versus Polls, Anonymous Polls, Image Polls <= 5.4.6 - Authenticated (Administrator+) Stored Cross-Site Scripting via Poll Settings | Poll Maker – Versus Polls, Anonymous Polls, Image Polls | CWE-79 | 5.5 | Medium | 2024-10-26 |
| CVE-2024-9475 | Poll Maker – Versus Polls, Anonymous Polls, Image Polls <= 5.4.6 - Authenticated (Administrator+) SQL Injection via Order_by Parameter | Poll Maker – Versus Polls, Anonymous Polls, Image Polls | CWE-89 | 4.9 | Medium | 2024-10-26 |
| CVE-2024-3601 | Poll Maker – Best WordPress Poll Plugin <= 5.1.8 - Missing Authorization to Unauthenticated Email Enumeration | Poll Maker – Versus Polls, Anonymous Polls, Image Polls | CWE-862 | 5.3 | Medium | 2024-05-02 |
| CVE-2024-3600 | Poll Maker – Best WordPress Poll Plugin <= 5.1.8 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting | Poll Maker – Versus Polls, Anonymous Polls, Image Polls | CWE-862 | 7.2 | High | 2024-04-19 |

This page lists every published CVE security advisory associated with ays-pro. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.