Browse all 5 CVE security advisories affecting cmorillas1. AI-powered Chinese analysis, POCs, and references for each vulnerability.
cmorillas1 is a security researcher focused on identifying vulnerabilities in web applications and enterprise software, with a core use case of improving software security through responsible disclosure. Historically, their findings have predominantly centered on remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities, though privilege escalation flaws have also been documented. Their contributions to CVE records demonstrate a consistent pattern of uncovering critical flaws in widely used systems. While no major public security incidents are directly attributed to their work, their CVE contributions highlight persistent security challenges in enterprise software development, particularly in areas requiring robust input validation and secure coding practices.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-54264 | WordPress Shortcodes Blocks Creator Ultimate plugin <= 2.2.0 - Reflected Cross Site Scripting (XSS) vulnerability — Shortcodes Blocks Creator UltimateCWE-79 | 7.1 | High | 2024-12-13 |
| CVE-2024-12167 | Shortcodes Blocks Creator Ultimate <= 2.2.0 - Reflected Cross-Site Scripting via _wpnonce — Shortcodes Blocks Creator UltimateCWE-79 | 6.1 | Medium | 2024-12-07 |
| CVE-2024-12166 | Shortcodes Blocks Creator Ultimate <= 2.2.0 - Reflected Cross-Site Scripting via 'page' — Shortcodes Blocks Creator UltimateCWE-79 | 6.1 | Medium | 2024-12-07 |
| CVE-2024-10311 | External Database Based Actions <= 0.1 - Authenticated (Subscriber+) Authentication Bypass — External Database Based ActionsCWE-288 | 7.5 | High | 2024-11-15 |
| CVE-2024-10340 | Shortcodes Blocks Creator Ultimate <= 2.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Shortcodes Blocks Creator UltimateCWE-79 | 6.4 | Medium | 2024-11-05 |
This page lists every published CVE security advisory associated with cmorillas1. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.