Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

codepeople — Vulnerabilities & Security Advisories 70

Browse all 70 CVE security advisories affecting codepeople. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Codepeople operates as a provider of enterprise software solutions, primarily focusing on human resources and payroll management systems. Historical security audits reveal a significant volume of vulnerabilities, with seventy CVEs currently on record, indicating persistent weaknesses in their development lifecycle. The most prevalent flaw classes include remote code execution and cross-site scripting, which often stem from inadequate input validation and improper session management. Additionally, privilege escalation vulnerabilities have been frequently exploited, allowing unauthorized users to access sensitive administrative functions. These issues suggest a lack of rigorous security testing during the software development phase. While no single catastrophic data breach has been widely publicized as a direct result of these specific CVEs, the high count of critical and high-severity findings poses a substantial risk to client data integrity. Organizations relying on these platforms must prioritize patching and implement strict access controls to mitigate the identified risks effectively.

Found 11 results / 70Clear Filters
Top products by codepeople: Calculated Fields Form WP Time Slots Booking Form Contact Form Email Booking Calendar Contact Form CP Multi View Event Calendar Appointment Hour Booking – Booking Calendar CP Polls Appointment Booking Calendar CP Contact Form with PayPal Form Builder CP Appointment Hour Booking Payment Form for PayPal Pro Music Player for WooCommerce Sell Downloads cp-polls Plugin Music Store CP Image Store with Slideshow Music Store - WordPress eCommerce Search in Place CP Media Player Google Maps CP CP Blocks Appointment Booking Calendar (WordPress plugin) Appointment Hour Booking (WordPress plugin) Corner Ad
CVE IDTitleCVSSSeverityPublished
CVE-2026-3986 Calculated Fields Form <= 5.4.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Form Settings — Calculated Fields FormCWE-79 6.4 Medium2026-03-13
CVE-2026-25368 WordPress Calculated Fields Form plugin <= 5.4.4.1 - Broken Access Control vulnerability — Calculated Fields FormCWE-862 6.5 Medium2026-02-19
CVE-2025-49291 WordPress Calculated Fields Form plugin <= 5.3.58 - Cross Site Request Forgery (CSRF) Vulnerability — Calculated Fields FormCWE-352 4.3 Medium2025-06-06
CVE-2024-12601 Calculated Fields Form <= 5.2.63 - Denial of Service — Calculated Fields FormCWE-400 5.3 Medium2024-12-17
CVE-2024-9940 Calculated Fields Form <= 5.2.45 - HTML Injection — Calculated Fields FormCWE-75 5.3 Medium2024-10-17
CVE-2023-26523 WordPress Calculated Fields Form plugin <= 1.1.120 - Missing Authorization Leading To Feedback Submission Vulnerability — Calculated Fields FormCWE-862 4.3 Medium2024-06-03
CVE-2024-29759 WordPress Calculated Fields Form plugin <= 1.2.54 - Reflected Cross Site Scripting (XSS) vulnerability — Calculated Fields FormCWE-79 7.1 High2024-03-27
CVE-2024-2020 Calculated Fields Form Professional <= 5.1.56 - Unauthenticated Stored Cross-Site Scripting — Calculated Fields FormCWE-79 7.2 High2024-03-13
CVE-2024-0963 Calculated Fields Form <= 1.2.52 - Authenticated (Contributor+) Stored Cross-Site Scripting — Calculated Fields FormCWE-79 6.4 Medium2024-02-02
CVE-2023-6446 Calculated Fields Form <= 1.2.40 - Authenticated (Admin+) Stored Cross-Site Scripting — Calculated Fields FormCWE-87 4.4 Medium2024-01-11
CVE-2023-51517 WordPress Calculated Fields Form Plugin <= 1.2.28 is vulnerable to Open Redirection — Calculated Fields FormCWE-601 4.1 Medium2023-12-29

This page lists every published CVE security advisory associated with codepeople. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.