Browse all 5 CVE security advisories affecting catchsquare. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Catchsquare provides enterprise software solutions for supply chain management, with its platform facilitating vendor onboarding and compliance tracking. Historically, the application has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its five recorded CVEs. Notable security characteristics include insufficient input validation and inadequate access controls in several modules. While no major public security incidents have been documented, the consistent pattern of vulnerabilities in web components suggests potential risks for organizations relying on the platform for critical supply chain operations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-57981 | WordPress WP Social Widget Plugin <= 2.3.1 - Cross Site Scripting (XSS) Vulnerability — WP Social WidgetCWE-79 | 6.5 | Medium | 2025-09-22 |
| CVE-2025-49306 | WordPress WP Social Widget plugin <= 2.3 - Cross Site Scripting (XSS) Vulnerability — WP Social WidgetCWE-79 | 6.5 | Medium | 2025-06-06 |
| CVE-2025-30610 | WordPress WP Social Widget plugin <= 2.2.7 - Cross Site Scripting (XSS) Vulnerability — WP Social WidgetCWE-79 | 6.5 | Medium | 2025-03-24 |
| CVE-2024-27189 | WordPress WP Social Widget plugin <= 2.2.5 - Cross Site Scripting (XSS) vulnerability — WP Social WidgetCWE-79 | 6.5 | Medium | 2024-03-15 |
| CVE-2023-23675 | WordPress WP Smart Preloader Plugin <= 1.15 is vulnerable to Cross Site Scripting (XSS) — WP Smart PreloaderCWE-79 | 5.9 | Medium | 2023-03-30 |
This page lists every published CVE security advisory associated with catchsquare. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.