Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

codemstory — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting codemstory. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Codemstory develops software development tools with a core focus on code collaboration and project management. Historically, their products have been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for their 8 recorded CVEs. The company has faced scrutiny for insufficient input validation and improper access controls in web interfaces. While no major public security incidents have been documented, their vulnerability history suggests a pattern of security gaps in authentication mechanisms and server-side request handling, requiring ongoing remediation efforts to maintain secure development environments.

Top products by codemstory: 코드엠샵 소셜톡 워드프레스 결제 심플페이 – 우커머스 결제 플러그인 워드프레스 결제 심플페이 우커머스 네이버페이
CVE IDTitleCVSSSeverityPublished
CVE-2025-58828 WordPress 코드엠샵 소셜톡 plugin <= 1.2.2 - Cross Site Scripting (XSS) vulnerability — 코드엠샵 소셜톡CWE-79 6.5 Medium2025-09-05
CVE-2025-47661 WordPress 워드프레스 결제 심플페이 plugin <= 5.2.11 - Cross Site Request Forgery (CSRF) Vulnerability — 워드프레스 결제 심플페이CWE-352 5.4 Medium2025-05-07
CVE-2024-56281 WordPress 워드프레스 결제 심플페이 – 우커머스 결제 플러그인 plugin <= 5.2.0 - Local File Inclusion vulnerability — 워드프레스 결제 심플페이CWE-98 7.5 High2025-01-07
CVE-2024-11904 코드엠샵 소셜톡 <= 1.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — 코드엠샵 소셜톡CWE-79 6.4 Medium2024-12-07
CVE-2024-11943 워드프레스 결제 심플페이 – 우커머스 결제 플러그인 <= 5.2.2 - Reflected Cross-Site Scripting via add_query_arg Function — 워드프레스 결제 심플페이 – 우커머스 결제 플러그인CWE-79 6.1 Medium2024-12-07
CVE-2024-11228 워드프레스 결제 심플페이 – 우커머스 결제 플러그인 <= 5.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting pafw_instant_payment Shortcode — 워드프레스 결제 심플페이 – 우커머스 결제 플러그인CWE-79 6.4 Medium2024-11-23
CVE-2024-11229 코드엠샵 소셜톡 <= 1.1.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via add_plus_friends and add_plus_talk Shortcodes — 코드엠샵 소셜톡CWE-79 6.4 Medium2024-11-23
CVE-2024-11231 우커머스 네이버페이 <= 3.3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via mnp_purchase Shortcode — 우커머스 네이버페이CWE-79 6.4 Medium2024-11-23

This page lists every published CVE security advisory associated with codemstory. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.