Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

designinvento — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting designinvento. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Designinvento develops web-based collaboration and project management tools used by organizations worldwide. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and access control issues. While no major public security incidents have been documented, the 12 CVEs attributed to the company indicate a pattern of security weaknesses in their software development lifecycle. Their products typically require network exposure, increasing attack surface for potential exploitation. Security researchers have noted inconsistent patch response times, leaving some vulnerabilities unaddressed for extended periods.

Top products by designinvento: DirectoryPress DirectoryPress – Business Directory And Classified Ad Listing DirectoryPress Frontend
CVE IDTitleCVSSSeverityPublished
CVE-2026-3489 DirectoryPress – Business Directory And Classified Ad Listing <= 3.6.26 - Unauthenticated SQL Injection via 'packages' — DirectoryPress – Business Directory And Classified Ad ListingCWE-89 7.5 High2026-04-16
CVE-2026-39566 WordPress DirectoryPress plugin <= 3.6.26 - Sensitive Data Exposure vulnerability — DirectoryPressCWE-497 4.3 Medium2026-04-08
CVE-2026-27387 WordPress DirectoryPress plugin <= 3.6.26 - Broken Access Control vulnerability — DirectoryPressCWE-862 5.4 Medium2026-02-19
CVE-2026-23548 WordPress DirectoryPress plugin <= 3.6.25 - Broken Access Control vulnerability — DirectoryPressCWE-862 5.3 Medium2026-02-19
CVE-2025-62967 WordPress DirectoryPress plugin <= 3.6.25 - Cross Site Scripting (XSS) vulnerability — DirectoryPressCWE-79 6.5 Medium2025-10-27
CVE-2025-32249 WordPress DirectoryPress Plugin <= 3.6.22 - Cross Site Request Forgery (CSRF) vulnerability — DirectoryPressCWE-352 5.4 Medium2025-04-04
CVE-2024-10581 DirectoryPress Frontend <= 2.7.9 - Cross-Site Request Forgery to Listing Status Update — DirectoryPress FrontendCWE-352 4.3 Medium2025-02-15
CVE-2024-49633 WordPress DirectoryPress plugin <= 3.6.19 - Cross Site Scripting (XSS) vulnerability — DirectoryPressCWE-79 7.1 High2025-01-07
CVE-2024-10584 DirectoryPress <= 3.6.16 - Authenticated (Author+) Stored Cross-Site Scripting — DirectoryPress – Business Directory And Classified Ad ListingCWE-434 5.4 Medium2024-12-24
CVE-2023-37967 WordPress DirectoryPress plugin <= 3.6.2 - Unauthenticated Broken Access Control Vulnerability — DirectoryPressCWE-862 6.5 Medium2024-12-13
CVE-2024-38755 WordPress DirectoryPress plugin <= 3.6.10 - SQL Injection vulnerability — DirectoryPressCWE-89 8.5 High2024-07-22
CVE-2024-32567 WordPress DirectoryPress plugin <= 3.6.7 - Reflected Cross Site Scripting (XSS) vulnerability — DirectoryPressCWE-79 7.1 High2024-04-18

This page lists every published CVE security advisory associated with designinvento. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.