Browse all 5 CVE security advisories affecting glboy. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Glboy primarily serves as a web application framework used for developing dynamic content management systems. Historically, it has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, with five CVEs documented to date. The framework's security posture has been compromised through insufficient input validation and improper access controls, though no major public incidents have been widely reported. Its architecture often relies on custom templating systems that have introduced injection risks, while default configurations sometimes enable overly permissive permissions. The CVE history suggests ongoing challenges in secure coding practices, particularly around dynamic content handling and user privilege management.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-8342 | WooCommerce OTP Login With Phone Number, OTP Verification <= 1.8.47 - Authentication Bypass — OTP Login With Phone Number, OTP VerificationCWE-862 | 8.1 | High | 2025-08-15 |
| CVE-2024-6482 | Login with phone number <= 1.7.49 - Authenticated (Subscriber+) Authorization Bypass to Privilege Escalation — OTP Login With Phone Number, OTP VerificationCWE-269 | 8.8 | High | 2024-09-14 |
| CVE-2024-6125 | Login with phone number <= 1.7.34 - Insecure Password Reset Mechanism — OTP Login With Phone Number, OTP VerificationCWE-640 | 8.1 | High | 2024-06-19 |
| CVE-2024-5150 | Login with phone number <= 1.7.26 - Authentication Bypass due to Missing Empty Value Check — OTP Login With Phone Number, OTP VerificationCWE-288 | 9.8 | Critical | 2024-05-29 |
| CVE-2023-4916 | Login with phone number <= 1.5.6 - Cross-Site Request Forgery to User Password Change — OTP Login With Phone Number, OTP VerificationCWE-352 | 8.8 | High | 2023-09-13 |
This page lists every published CVE security advisory associated with glboy. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.