Browse all 3 CVE security advisories affecting divisupreme. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Divisupreme operates as a software platform primarily serving enterprise content management and collaboration needs. Historically, the product has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its three recorded CVEs. The platform's complex architecture and extensive third-party integrations have contributed to these security challenges. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities in core functionality suggests ongoing security concerns that require diligent patch management and access controls for organizations relying on this solution.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13062 | Supreme Modules Lite <= 2.5.62 - Authenticated (Author+) Arbitrary File Upload via JSON Upload Bypass — Supreme Modules Lite – Divi Theme, Extra Theme and Divi BuilderCWE-434 | 8.8 | High | 2026-01-15 |
| CVE-2024-5501 | Supreme Modules Lite – Divi Theme, Extra Theme and Divi Builder <= 2.5.51 - Authenticated (Contributor+) Stored Cross-Site Scripting — Supreme Modules Lite – Divi Theme, Extra Theme and Divi BuilderCWE-79 | 6.4 | Medium | 2024-06-01 |
| CVE-2024-4334 | Supreme Modules Lite – Divi Theme, Extra Theme and Divi Builder <= 2.5.3 - Authenticated (Contributor+) DOM-Based Cross-Site Scripting — Supreme Modules Lite – Divi Theme, Extra Theme and Divi BuilderCWE-79 | 6.4 | Medium | 2024-05-02 |
This page lists every published CVE security advisory associated with divisupreme. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.