Browse all 14 CVE security advisories affecting crmperks. AI-powered Chinese analysis, POCs, and references for each vulnerability.
CRMperks is a WordPress plugin designed to manage customer relationships and integrate CRM systems. Historically, the plugin has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. These flaws often stem from insufficient input validation and improper access controls. With 14 CVEs recorded, CRMperks has faced repeated security incidents, including cases where attackers could execute arbitrary code or steal sensitive data. The plugin's vulnerabilities have primarily affected WordPress sites, allowing unauthorized access or system compromise. Security researchers have consistently identified similar patterns in the codebase, highlighting ongoing security challenges in the plugin's design and implementation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-12443 | CRM Perks – WordPress HelpDesk Integration – Zendesk, Freshdesk, HelpScout <= 1.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting — CRM Perks – WordPress HelpDesk Integration – Zendesk, Freshdesk, HelpScoutCWE-79 | 6.4 | Medium | 2024-12-16 |
This page lists every published CVE security advisory associated with crmperks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.