Browse all 3 CVE security advisories affecting badhonrocks. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Badhonrocks operates as a software development platform primarily used for creating and managing web applications. Historically, the project has been associated with multiple critical vulnerabilities, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws. These weaknesses often stem from insufficient input validation and improper access control mechanisms. While no major public security incidents have been documented, the presence of three CVEs indicates ongoing security challenges. The project's codebase appears to prioritize functionality over security hardening, resulting in recurring issues that could allow attackers to compromise systems or access sensitive data.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-0353 | Divi Torque Lite <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — Divi Torque Lite – Divi Theme, Divi Builder & Extra ThemeCWE-79 | 6.4 | Medium | 2025-01-29 |
| CVE-2025-0350 | Divi Carousel Lite <= 2.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Carousel and Logo Carousel Widgets — Divi Carousel Free (Divi5 Support)CWE-79 | 6.4 | Medium | 2025-01-25 |
| CVE-2024-5892 | Divi Torque Lite – Divi Theme and Extra Theme <= 3.6.6 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload — Divi Torque Lite – Divi Theme, Divi Builder & Extra ThemeCWE-79 | 6.4 | Medium | 2024-06-12 |
This page lists every published CVE security advisory associated with badhonrocks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.