Browse all 9 CVE security advisories affecting bobbingwide. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Bobbingwide develops WordPress plugins and themes, primarily for content management and e-commerce solutions. Historically, their products have frequently contained remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities, often stemming from insufficient input validation and improper sanitization. Several critical flaws have allowed attackers to execute arbitrary code or escalate privileges by exploiting unauthenticated or low-privilege access points. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities across multiple products indicates systemic security weaknesses in their development practices, with nine CVEs reflecting ongoing risks for users implementing their solutions.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-3661 | SB Chart block <= 1.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via className Parameter — SB Chart blockCWE-79 | 6.4 | Medium | 2025-04-19 |
This page lists every published CVE security advisory associated with bobbingwide. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.