Browse all 5 CVE security advisories affecting fs-code. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Fs-code is a file system utility designed for code analysis and management, primarily used in development environments to scan and organize source code. Historically, it has been susceptible to multiple remote code execution vulnerabilities due to unsafe deserialization and improper input validation, along with cross-site scripting flaws through inadequate output encoding. Privilege escalation issues have also been documented, often stemming from insecure default permissions. The project maintains five CVE records, with no major public security incidents reported. Its lightweight architecture and focus on static analysis make it popular among developers, though consistent patching remains necessary given its history of input-related vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-30960 | WordPress FS Poster plugin <= 6.5.8 - Subscriber+ Site Wide Broken Access Control vulnerability — FS PosterCWE-862 | 8.3 | High | 2025-04-16 |
| CVE-2025-30962 | WordPress FS Poster plugin <= 6.5.8 - Reflected Cross Site Scripting (XSS) vulnerability — FS PosterCWE-79 | 7.1 | High | 2025-04-15 |
| CVE-2025-26978 | WordPress FS Poster plugin <= 6.5.8 - SQL Injection vulnerability — FS PosterCWE-89 | 8.5 | High | 2025-03-15 |
| CVE-2025-26926 | WordPress Booknetic plugin <= 4.0.9 - Cross Site Request Forgery (CSRF) vulnerability — BookneticCWE-352 | 4.3 | Medium | 2025-02-25 |
| CVE-2024-37237 | WordPress FS Poster plugin <= 6.5.8 - Cross Site Request Forgery (CSRF) vulnerability — FS PosterCWE-352 | 4.3 | Medium | 2025-01-02 |
This page lists every published CVE security advisory associated with fs-code. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.