Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

duogeek — Vulnerabilities & Security Advisories 7

Browse all 7 CVE security advisories affecting duogeek. AI-powered Chinese analysis, POCs, and references for each vulnerability.

DuoGeek provides multi-factor authentication and identity-based security solutions, primarily serving organizations requiring secure access controls. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation flaws, with seven CVEs documented to date. The platform's security architecture emphasizes zero-trust principles, though past incidents have involved authentication bypass weaknesses in API endpoints. DuoGeek's integration capabilities have introduced additional attack surfaces, particularly in third-party connector implementations. Recent updates focus on improving input validation and session management to address recurring vulnerability patterns across their authentication workflows.

Top products by duogeek: Custom Dashboard Widget Custom Admin Menu EventPress Email to Download Simple Amazon Affiliate Easy Custom Admin Bar
CVE IDTitleCVSSSeverityPublished
CVE-2025-2479 Easy Custom Admin Bar <= 1.0 - Reflected Cross-Site Scripting via msg Parameter — Easy Custom Admin BarCWE-79 6.1 Medium2025-03-22
CVE-2025-2077 Simple Amazon Affiliate <= 1.0.9 - Reflected Cross-Site Scripting — Simple Amazon AffiliateCWE-79 6.1 Medium2025-03-12
CVE-2025-23786 WordPress Email to Download Plugin <= 3.1.0 - Reflected Cross Site Scripting (XSS) vulnerability — Email to DownloadCWE-79 7.1 High2025-02-14
CVE-2024-56024 WordPress Custom Dashboard Widget plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability — Custom Dashboard WidgetCWE-79 7.1 High2025-01-02
CVE-2024-51860 WordPress Custom Dashboard Widget plugin <= 1.0.0 - Stored Cross Site Scripting (XSS) vulnerability — Custom Dashboard WidgetCWE-79 6.5 Medium2024-11-19
CVE-2024-51861 WordPress EventPress plugin <= 1.0.0 - Stored Cross Site Scripting (XSS) vulnerability — EventPressCWE-79 6.5 Medium2024-11-19
CVE-2024-51618 WordPress Custom Admin Menu plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability — Custom Admin MenuCWE-79 6.5 Medium2024-11-09

This page lists every published CVE security advisory associated with duogeek. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.