Browse all 3 CVE security advisories affecting bloompixel. AI-powered Chinese analysis, POCs, and references for each vulnerability.
BloomPixel develops digital asset management solutions for creative industries, enabling organizations to store, organize, and distribute media content. Historically, the organization has been associated with vulnerabilities including remote code execution, cross-site scripting, and privilege escalation flaws, primarily affecting web interfaces and API endpoints. While no major public security incidents have been documented, the three CVEs on record highlight consistent weaknesses in input validation and access control mechanisms. These vulnerabilities typically allow unauthorized access to sensitive media assets or system compromise, underscoring the need for robust security practices in creative workflow management platforms.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-14610 | TableMaster for Elementor <= 1.3.6 - Authenticated (Author+) Server-Side Request Forgery via 'csv_url' Parameter — TableMaster for Elementor – Advanced Responsive Tables for ElementorCWE-918 | 7.2 | High | 2026-01-28 |
| CVE-2024-32952 | WordPress Max Addons Pro for Bricks plugin <= 1.6.1 - Reflected Cross Site Scripting (XSS) vulnerability — Max Addons Pro for BricksCWE-79 | 7.1 | High | 2024-04-24 |
| CVE-2024-32951 | WordPress Max Addons Pro for Bricks plugin <= 1.6.1 - Unauthenticated Plugin Settings Reset vulnerability — Max Addons Pro for BricksCWE-862 | 6.5 | Medium | 2024-04-24 |
This page lists every published CVE security advisory associated with bloompixel. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.