Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

devsoftbaltic — Vulnerabilities & Security Advisories 10

Browse all 10 CVE security advisories affecting devsoftbaltic. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Devsoftbaltic develops enterprise software solutions with a core focus on business process automation and workflow management systems. Historically, their products have been vulnerable to multiple remote code execution flaws, cross-site scripting vulnerabilities, and privilege escalation issues, accounting for the majority of their 10 recorded CVEs. Their security posture has been characterized by inconsistent patch release cycles and delayed remediation timelines. While no major public security incidents have been documented, the consistent pattern of vulnerabilities in their web applications and API endpoints suggests potential weaknesses in secure coding practices and security testing protocols.

Top products by devsoftbaltic: SurveyJS: Drag & Drop Form Builder SurveyJS
CVE IDTitleCVSSSeverityPublished
CVE-2026-2440 SurveyJS: Drag & Drop Form Builder <= 2.5.3 - Unauthenticated Stored Cross-Site Scripting — SurveyJS: Drag & Drop Form BuilderCWE-79 7.2 High2026-03-21
CVE-2025-13205 SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity <= 2.5.2 - Cross-Site Request Forgery to Survey Cloning — SurveyJS: Drag & Drop Form BuilderCWE-352 4.3 Medium2026-01-24
CVE-2025-13194 SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity <= 2.5.2 - Cross-Site Request Forgery to Survey Renaming — SurveyJS: Drag & Drop Form BuilderCWE-352 4.3 Medium2026-01-24
CVE-2025-13139 SurveyJS: Drag & Drop WordPress Form Builder <= 2.5.2 - Cross-Site Request Forgery to Survey Creation — SurveyJS: Drag & Drop Form BuilderCWE-352 4.3 Medium2026-01-24
CVE-2025-13140 SurveyJS: Drag & Drop WordPress Form Builder <= 1.12.20 - Cross-Site Request Forgery to Survey Deletion — SurveyJS: Drag & Drop Form BuilderCWE-352 4.3 Medium2025-12-02
CVE-2025-3815 SurveyJS <= 1.12.32 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter — SurveyJS: Drag & Drop Form BuilderCWE-79 6.4 Medium2025-05-03
CVE-2025-32256 WordPress SurveyJS plugin <= 1.12.20 - Broken Access Control vulnerability — SurveyJSCWE-862 5.3 Medium2025-04-04
CVE-2025-32167 WordPress SurveyJS plugin <= 1.12.20 - Cross Site Scripting (XSS) vulnerability — SurveyJSCWE-79 6.5 Medium2025-04-04
CVE-2024-12544 SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity <= 1.12.17 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Deletion via SurveyJS_DeleteFile — SurveyJS: Drag & Drop Form BuilderCWE-862 8.8 High2025-03-01
CVE-2024-50427 WordPress SurveyJS plugin <= 1.9.136 - Arbitrary File Upload vulnerability — SurveyJSCWE-434 9.9 Critical2024-10-29

This page lists every published CVE security advisory associated with devsoftbaltic. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.