Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

dasinfomedia — Vulnerabilities & Security Advisories 18

Browse all 18 CVE security advisories affecting dasinfomedia. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Dasinfomedia develops digital marketing and content management solutions for businesses. Historically, their products have frequently been affected by remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and access controls. While no major public security incidents have been widely documented, the 18 CVEs on record indicate consistent security challenges, particularly in web application components. Their software typically requires regular patching to address authentication flaws and insecure default configurations. The company's solutions remain attractive to small to medium enterprises despite these vulnerabilities, necessitating robust security practices from implementation through ongoing maintenance.

Top products by dasinfomedia: School Management System for Wordpress WPGYM - Wordpress Gym Management System WPCHURCH
CVE IDTitleCVSSSeverityPublished
CVE-2025-31643 WordPress WPCHURCH plugin <= 2.7.0 - Privilege Escalation Vulnerability — WPCHURCHCWE-266 8.8 High2026-01-07
CVE-2025-31642 WordPress WPCHURCH plugin <= 2.7.0 - Reflected Cross Site Scripting (XSS) vulnerability — WPCHURCHCWE-79 7.1 High2026-01-06
CVE-2025-7049 WPGYM - Wordpress Gym Management System <= 67.7.0 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover — WPGYM - Wordpress Gym Management SystemCWE-639 8.8 High2025-09-10
CVE-2025-6079 School Management System <= 93.2.0 - Authenticated (Student+) Arbitrary File Upload — School Management System for WordpressCWE-434 8.8 High2025-08-16
CVE-2025-6080 WPGYM <= 67.7.0 - Missing Authorization to Admin Account Creation — WPGYM - Wordpress Gym Management SystemCWE-269 8.8 High2025-08-16
CVE-2025-3671 WPGYM - Wordpress Gym Management System <= 67.7.0 - Authenticated (Subscriber+) Local File Inclusion to Privilege Escalation via Password Update — WPGYM - Wordpress Gym Management SystemCWE-22 8.8 High2025-08-16
CVE-2024-12612 School Management System for Wordpress <= 93.2.0 - Unauthenticated SQL Injection — School Management System for WordpressCWE-89 7.5 High2025-08-16
CVE-2025-3740 School Management System for Wordpress <= 93.1.0 - Authenticated (Subscriber+) Local File Inclusion to Privilege Escalation via Password Update — School Management System for WordpressCWE-22 8.8 High2025-07-18
CVE-2025-7442 WPGYM - Wordpress Gym Management System < 67.8.0 - Unauthenticated SQL Injection — WPGYM - Wordpress Gym Management SystemCWE-89 7.5 High2025-07-11
CVE-2024-9658 School Management System for Wordpress <= 93.0.0 - Authenticated (Student+) Account Takeover and Privilege Escalation — School Management System for WordpressCWE-288 8.8 High2025-03-07
CVE-2024-12609 School Management System for Wordpress <= 92.0.0 - Authenticated (Student+) SQL Injection via 'view-attendance' — School Management System for WordpressCWE-89 6.5 Medium2025-03-07
CVE-2024-12610 School Management System for Wordpress <= 93.0.0 - Missing Authorization to Unauthenticated Arbitrary Post Deletion — School Management System for WordpressCWE-862 5.3 Medium2025-03-07
CVE-2024-12611 School Management System for Wordpress <= 93.0.0 - Reflected Cross-Site Scripting — School Management System for WordpressCWE-862 5.3 Medium2025-03-07
CVE-2024-12607 School Management System for Wordpress <= 92.0.0 - Authenticated (Subscriber+) SQL Injection via 'mj_smgt_show_event_task' — School Management System for WordpressCWE-89 6.5 Medium2025-03-07
CVE-2024-9659 School Management <= 91.5.0 - Unauthenticated Arbitrary File Upload — School Management System for WordpressCWE-434 9.8 Critical2024-11-23
CVE-2024-9941 WPGYM <= 67.1.0 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation — WPGYM - Wordpress Gym Management SystemCWE-269 8.8 High2024-11-23
CVE-2024-9942 WPGYM <= 67.1.0 - Unauthenticated Arbitrary File Upload — WPGYM - Wordpress Gym Management SystemCWE-434 9.8 Critical2024-11-23
CVE-2024-9660 School Management <= 91.5.0 - Authenticated (Student+) Arbitrary File Upload — School Management System for WordpressCWE-434 8.8 High2024-11-23

This page lists every published CVE security advisory associated with dasinfomedia. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.