Browse all 13 CVE security advisories affecting azzaroco. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Azzaroco is a software platform primarily used for enterprise content management and workflow automation. Historically, it has been vulnerable to multiple remote code execution flaws, cross-site scripting attacks, and privilege escalation issues, accounting for its 13 recorded CVEs. The platform's complex architecture and extensive third-party integrations have contributed to persistent security challenges. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities suggests ongoing risks for organizations relying on this system, particularly in environments where unpatched instances are exposed to public networks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-25357 | WordPress Ultimate Membership Pro plugin <= 13.7 - Account Takeover vulnerability — Ultimate Membership ProCWE-288 | 8.1 | High | 2026-03-25 |
| CVE-2024-43242 | WordPress Indeed Ultimate Membership Pro plugin <= 12.7 - Unauthenticated PHP Object Injection vulnerability — Ultimate Membership ProCWE-502 | 9.0 | Critical | 2024-08-19 |
| CVE-2024-43240 | WordPress Indeed Ultimate Membership Pro plugin <= 12.7 - Unauthenticated Privilege Escalation vulnerability — Ultimate Membership ProCWE-287 | 9.4 | Critical | 2024-08-19 |
| CVE-2024-43241 | WordPress Indeed Ultimate Membership Pro plugin <= 12.7 - Reflected Cross Site Scripting (XSS) vulnerability — Ultimate Membership ProCWE-79 | 7.1 | High | 2024-08-18 |
This page lists every published CVE security advisory associated with azzaroco. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.