Browse all 8 CVE security advisories affecting cloudways. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Cloudways provides managed cloud hosting services for web applications, focusing on AWS, Google Cloud, and other platforms. Historically, the platform has been associated with vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from misconfigurations or third-party integrations. While no major public security incidents have been widely documented, the 8 CVEs on record highlight potential risks in areas like server management and API security. The service emphasizes automated backups and firewalls but requires careful configuration to prevent common cloud threats, reflecting typical challenges in managed hosting environments where security responsibilities are shared between provider and customer.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-69364 | WordPress Breeze plugin <= 2.2.21 - Broken Access Control vulnerability — BreezeCWE-862 | 5.3 | Medium | 2026-01-06 |
| CVE-2025-23999 | WordPress Breeze plugin <= 2.2.13 - Broken Access Control vulnerability — BreezeCWE-862 | 4.3 | Medium | 2025-06-18 |
| CVE-2024-50422 | WordPress Breeze plugin <= 2.1.14 - Broken Access Control vulnerability — BreezeCWE-862 | 5.3 | Medium | 2024-10-29 |
| CVE-2024-50431 | WordPress Breeze plugin <= 2.1.14 - Cross Site Scripting (XSS) vulnerability — BreezeCWE-79 | 5.9 | Medium | 2024-10-28 |
| CVE-2024-27188 | WordPress Breeze plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability — BreezeCWE-79 | 5.9 | Medium | 2024-03-27 |
This page lists every published CVE security advisory associated with cloudways. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.