Browse all 21 CVE security advisories affecting emarket-design. AI-powered Chinese analysis, POCs, and references for each vulnerability.
emarket-design operates as a provider of e-commerce platform solutions, facilitating online retail operations for businesses. Security assessments have identified twenty-one distinct Common Vulnerabilities and Exposures (CVEs) associated with its software infrastructure. Historically, the most prevalent vulnerability classes include remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws. These issues often stem from insufficient input validation and inadequate access controls within the application’s core modules. Notable security characteristics reveal a pattern of critical severity ratings, particularly in versions lacking recent patching. While specific major public incidents are not widely documented in open sources, the high volume of CVEs indicates systemic weaknesses in the development lifecycle. Organizations utilizing emarket-design solutions are advised to prioritize immediate patching of identified RCE and XSS vectors to mitigate potential exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13403 | Employee Spotlight – Team Member Showcase & Meet the Team Plugin <= 5.1.3 - Missing Authorization to Authenticated (Subscriber+) Tracking Opt-In/Opt-Out Modification — Employee Spotlight – Team Member Showcase & Meet the Team PluginCWE-862 | 4.3 | Medium | 2025-12-13 |
| CVE-2025-12090 | Employee Spotlight – Team Member Showcase & Meet the Team Plugin <= 5.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Employee Spotlight – Team Member Showcase & Meet the Team PluginCWE-79 | 6.4 | Medium | 2025-11-01 |
This page lists every published CVE security advisory associated with emarket-design. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.