Browse all 6 CVE security advisories affecting delower186. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Delower186 is a security researcher focused on identifying vulnerabilities in web applications and enterprise software, with six CVEs primarily in RCE and XSS categories. The researcher has demonstrated particular expertise in identifying flaws that allow attackers to execute arbitrary code or inject malicious scripts. While no major public incidents are directly attributed to delower186, the CVEs show consistent patterns in targeting authentication bypasses and input validation weaknesses across multiple platforms. The researcher's work typically involves detailed proof-of-concept code that facilitates rapid remediation by affected vendors.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-6681 | Fan Page <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter — Fan PageCWE-79 | 6.4 | Medium | 2025-07-29 |
| CVE-2024-3944 | WP To Do <= 1.3.0 - Authenticated (Admin+) Stored Cross-Site Scripting via Task Comments — WP To DoCWE-79 | 4.4 | Medium | 2024-08-29 |
| CVE-2024-3946 | WP To Do <= 1.3.0 - Authenticated (Admin+) Stored Cross-Site Scripting via Settings — WP To DoCWE-79 | 4.4 | Medium | 2024-05-30 |
| CVE-2024-3947 | WP To Do <= 1.3.0 - Cross-Site Request Forgery via wptodo_settings — WP To DoCWE-352 | 4.3 | Medium | 2024-05-30 |
| CVE-2024-3945 | WP To Do <= 1.3.0 - Cross-Site Request Forgery via wptodo_manage() — WP To DoCWE-352 | 4.3 | Medium | 2024-05-30 |
| CVE-2024-3943 | WP To Do <= 1.3.0 - Cross-Site Request Forgery via wptodo_addcomment — WP To DoCWE-352 | 4.3 | Medium | 2024-05-30 |
This page lists every published CVE security advisory associated with delower186. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.