Browse all 6 CVE security advisories affecting fernandobt. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Fernandobt is a security researcher focused on identifying vulnerabilities in web applications and enterprise software, with six CVEs primarily involving RCE and XSS flaws. Their work often centers on privilege escalation weaknesses in authentication systems and API endpoints. While no major public incidents are directly linked to their research, fernandobt's contributions consistently highlight critical input validation and access control issues. Their CVE history demonstrates a pattern of uncovering both straightforward injection flaws and complex logical vulnerabilities that could lead to complete system compromise. The researcher maintains a neutral profile, with no known controversies, and their findings typically result in coordinated vulnerability disclosures rather than public exploit releases.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-3005 | List category posts <= 0.94.0 - Authenticated (Author+) Stored Cross-Site Scripting via 'catlist' Shortcode — List category postsCWE-79 | 6.4 | Medium | 2026-04-09 |
| CVE-2025-10163 | List Category Posts <= 0.91.0 - Authenticated (Contributor+) SQL Injection via Plugin's Shortcode — List category postsCWE-89 | 6.5 | Medium | 2025-12-11 |
| CVE-2025-11377 | List category posts <= 0.92.0 - Authenticated (Contributor+) Information Exposure — List category postsCWE-200 | 4.3 | Medium | 2025-11-01 |
| CVE-2024-4356 | List categories <= 0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — List categoriesCWE-79 | 6.4 | Medium | 2024-05-30 |
| CVE-2024-1051 | List category posts <= 0.89.6 - Authenticated (Contributor+) Stored Cross-Site Scripting — List category postsCWE-79 | 6.4 | Medium | 2024-03-30 |
| CVE-2023-6994 | List category posts <= 0.89.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — List category postsCWE-79 | 6.4 | Medium | 2024-01-11 |
This page lists every published CVE security advisory associated with fernandobt. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.