Browse all 11 CVE security advisories affecting davidanderson. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Davidanderson is primarily associated with web application vulnerabilities, with 11 CVEs recorded across various products. Common vulnerability classes include remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and access control flaws. Security characteristics reveal a pattern of authentication bypass issues and insecure direct object references in legacy systems. No major public incidents have been directly linked to this identifier, though the consistent presence of similar vulnerability types suggests potential systemic weaknesses in development practices. The CVE history indicates a focus on server-side vulnerabilities rather than client-side exploits, with several critical flaws remaining unpatched in older product versions.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-9488 | Redux Framework <= 4.5.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via data Parameter — Redux FrameworkCWE-79 | 6.4 | Medium | 2025-12-13 |
| CVE-2024-6828 | Redux Framework 4.4.12 - 4.4.17 - Unauthenticated JSON File Upload to Stored Cross-Site Scripting — Redux FrameworkCWE-434 | 7.2 | High | 2024-07-23 |
This page lists every published CVE security advisory associated with davidanderson. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.