Browse all 3 CVE security advisories affecting florent73. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Florent73 develops software components primarily used in web applications and content management systems, with three CVEs recorded for RCE and XSS vulnerabilities. Historically, their code has been susceptible to injection flaws and improper input validation, leading to remote code execution in multiple instances. While no major security incidents have been publicly documented, their consistent vulnerability pattern suggests a need for stricter sanitization practices. The affected components often require elevated privileges, increasing potential impact when exploited. Security researchers have noted recurring issues in their handling of user-supplied data, particularly in parsing functions and API endpoints.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-0789 | WP Maintenance <= 6.1.9.2 - IP Spoofing to Maintenance Mode Bypass — WP MaintenanceCWE-348 | 5.3 | Medium | 2024-06-19 |
| CVE-2024-3585 | Send PDF for Contact Form 7 <= 1.0.2.3 - Missing Authorization — Send PDF for Contact Form 7CWE-862 | 5.3 | Medium | 2024-05-02 |
| CVE-2024-1472 | WP Maintenance <= 6.1.6 - Information Exposure — WP MaintenanceCWE-284 | 5.3 | Medium | 2024-02-20 |
This page lists every published CVE security advisory associated with florent73. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.