Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

brechtvds — Vulnerabilities & Security Advisories 24

Browse all 24 CVE security advisories affecting brechtvds. AI-powered Chinese analysis, POCs, and references for each vulnerability.

brechtvds operates as a software development entity, primarily known for creating open-source tools and utilities that facilitate system administration and network management. Security audits have identified twenty-four Common Vulnerabilities and Exposures (CVEs) associated with its codebase, indicating a history of significant technical oversight. The most prevalent vulnerability classes include Remote Code Execution (RCE) and Cross-Site Scripting (XSS), which often stem from inadequate input validation and improper handling of user-supplied data. Additionally, several instances of privilege escalation and insecure direct object references have been documented, suggesting weaknesses in access control mechanisms. While no single catastrophic incident has defined the entity’s public reputation, the cumulative effect of these flaws highlights a pattern of recurring security gaps in its development lifecycle. These issues necessitate rigorous code review processes and automated security testing to mitigate risks for downstream users relying on brechtvds’ software solutions.

Top products by brechtvds: WP Recipe Maker WP Ultimate Post Grid Easy Affiliate Links Easy Image Collage Custom Related Posts Visual Link Preview Dynamic Widget Content
CVE IDTitleCVSSSeverityPublished
CVE-2026-1558 WP Recipe Maker <= 10.3.2 - Insecure Direct Object Reference to Unauthenticated Arbitrary Post Metadata Modification via 'recipeId' Parameter — WP Recipe MakerCWE-639 5.3 Medium2026-02-27
CVE-2025-14742 WP Recipe Maker <= 10.2.3 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure — WP Recipe MakerCWE-639 4.3 Medium2026-02-25
CVE-2026-1268 Dynamic Widget Content <= 1.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Content Field — Dynamic Widget ContentCWE-79 6.4 Medium2026-02-05
CVE-2025-15527 WP Recipe Maker <= 10.2.2 - Insecure Direct Object Reference to Sensitive Information Exposure — WP Recipe MakerCWE-200 4.3 Medium2026-01-16
CVE-2025-14385 WP Recipe Maker <= 10.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — WP Recipe MakerCWE-79 6.4 Medium2025-12-17
CVE-2025-11987 Visual Link Preview <= 2.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via visual-link-preview Shortcode — Visual Link PreviewCWE-80 6.4 Medium2025-11-05
CVE-2025-1503 WP Recipe Maker <= 9.8.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — WP Recipe MakerCWE-79 6.4 Medium2025-03-13
CVE-2024-12825 Custom Related Posts <= 1.7.3 - Missing Authorization to Authenticated (Subscriber+) Private Post Search and Relation Updates — Custom Related PostsCWE-862 5.4 Medium2025-02-01
CVE-2024-9650 WP Recipe Maker <= 9.6.1 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'tooltip' — WP Recipe MakerCWE-79 6.5 Medium2024-10-24
CVE-2024-9051 WP Ultimate Post Grid <= 3.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpupg-grid-with-filters Shortcode — WP Ultimate Post GridCWE-79 6.4 Medium2024-10-11
CVE-2024-5864 Easy Affiliate Links <= 3.7.3 - Missing Authorization to Authenticated (Subscriber+) Settings Reset — Easy Affiliate LinksCWE-862 4.3 Medium2024-06-28
CVE-2024-5863 Easy Image Collage <= 1.13.5 - Missing Authorization to Authenticated (Contributor+) Data Clearance — Easy Image CollageCWE-862 5.4 Medium2024-06-28
CVE-2024-0383 WP Recipe Maker <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'group_tag' — WP Recipe MakerCWE-79 6.4 Medium2024-06-19
CVE-2024-4043 WP Ultimate Post Grid <= 3.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpupg-text Shortcode — WP Ultimate Post GridCWE-79 6.4 Medium2024-05-23
CVE-2024-3490 WP Recipe Maker <= 9.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via wprm-recipe-roundup-item Shortcode — WP Recipe MakerCWE-79 6.4 Medium2024-05-02
CVE-2024-1571 WP Recipe Maker <= 9.2.1 - Authenticated Stored Cross-Site Scripting via Video Embed — WP Recipe MakerCWE-79 4.4 Medium2024-04-09
CVE-2024-1206 WP Recipe Maker <= 9.1.2 - Missing Authorization to Authenticated (Subscriber+) SQL Injecton — WP Recipe MakerCWE-89 8.8 High2024-02-20
CVE-2024-0384 WP Recipe Maker <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Recipe Notes — WP Recipe MakerCWE-79 6.4 Medium2024-02-05
CVE-2024-0255 WP Recipe Maker <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via icon_color — WP Recipe MakerCWE-79 6.4 Medium2024-02-05
CVE-2024-0380 WP Recipe Maker <= 9.1.0 - Directory Traversal — WP Recipe MakerCWE-22 5.4 Medium2024-02-05
CVE-2024-0382 WP Recipe Maker <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via header_tag — WP Recipe MakerCWE-79 6.4 Medium2024-02-05
CVE-2024-0381 WP Recipe Maker <= 9.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'tag' — WP Recipe MakerCWE-79 6.4 Medium2024-01-18
CVE-2023-6958 WP Recipe Maker <= 9.1.0 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode — WP Recipe MakerCWE-79 6.4 Medium2024-01-18
CVE-2023-6970 WP Recipe Maker <= 9.1.0 - Reflected Cross-Site Scripting via Referer — WP Recipe MakerCWE-79 6.1 Medium2024-01-18

This page lists every published CVE security advisory associated with brechtvds. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.