Browse all 3 CVE security advisories affecting cartpauj. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Cartpauj primarily develops web applications and content management systems, serving as a core tool for building and managing online platforms. Historically, the project has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues. The three CVEs recorded highlight consistent problems in input validation and access control mechanisms. While no major public security incidents have been documented, the recurring nature of these vulnerabilities suggests ongoing challenges in secure coding practices. Users are advised to maintain current patches and implement additional security layers, as the project's track record indicates potential exposure to common web application threats.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-60136 | WordPress User Notes plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability — User NotesCWE-79 | 5.9 | Medium | 2025-09-26 |
| CVE-2025-54746 | WordPress Shortcode Redirect Plugin <= 1.0.02 - Cross Site Scripting (XSS) Vulnerability — Shortcode RedirectCWE-79 | 6.5 | Medium | 2025-08-14 |
| CVE-2023-40673 | WordPress Cartpauj Register Captcha plugin <= 1.0.02 - Captcha Bypass vulnerability — Cartpauj Register CaptchaCWE-799 | 6.5 | Medium | 2024-06-04 |
This page lists every published CVE security advisory associated with cartpauj. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.