Browse all 3 CVE security advisories affecting farinspace. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Farinspace develops web applications and content management systems primarily used for building and managing online presence. Historically, their products have been vulnerable to cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, often stemming from insufficient input validation and improper access controls. Security researchers have identified multiple critical vulnerabilities in their components, including stored XSS in form handlers and RCE through insecure file uploads. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities in their products suggests a need for improved security development practices across their application ecosystem.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-46505 | WordPress Peekaboo plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability — PeekabooCWE-79 | 6.5 | Medium | 2025-04-24 |
| CVE-2025-22751 | WordPress Partners Plugin <= 0.2.0 - Reflected Cross Site Scripting (XSS) vulnerability — PartnersCWE-79 | 7.1 | High | 2025-01-15 |
| CVE-2024-56059 | WordPress Partners plugin <= 0.2.0 - PHP Object Injection vulnerability — PartnersCWE-1321 | 9.8 | Critical | 2024-12-18 |
This page lists every published CVE security advisory associated with farinspace. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.