Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

gpriday — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting gpriday. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Gpriday serves as a GPU resource management platform for distributed computing environments, optimizing workload allocation across hardware resources. Historically, the project has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its 14 recorded CVEs. Notable security characteristics include insufficient input validation and improper access controls in its web interface. While no major public security incidents have been documented, the consistent pattern of vulnerabilities in authentication and API components suggests ongoing challenges in secure development practices.

Top products by gpriday: SiteOrigin Widgets Bundle Page Builder by SiteOrigin
CVE IDTitleCVSSSeverityPublished
CVE-2026-2448 Page Builder by SiteOrigin <= 2.33.5 - Authenticated (Contributor+) Local File Inclusion — Page Builder by SiteOriginCWE-22 8.8 High2026-03-03
CVE-2026-2127 SiteOrigin Widgets Bundle <= 1.70.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Shortcode Execution — SiteOrigin Widgets BundleCWE-862 5.4 Medium2026-02-18
CVE-2025-5585 SiteOrigin Widgets Bundle <= 1.68.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via `data-url` DOM Element Attribute — SiteOrigin Widgets BundleCWE-79 6.4 Medium2025-06-25
CVE-2025-1459 Page Builder by SiteOrigin <= 2.31.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — Page Builder by SiteOriginCWE-79 6.4 Medium2025-03-01
CVE-2024-12240 Page Builder by SiteOrigin <= 2.31.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Row Label Parameter — Page Builder by SiteOriginCWE-79 6.4 Medium2025-01-14
CVE-2024-5901 SiteOrigin Widgets Bundle <= 1.62.2 - Authenticated (Contributor+) Stored Cross-Site Scripting in Image Grid widget — SiteOrigin Widgets BundleCWE-79 6.4 Medium2024-07-30
CVE-2024-5090 SiteOrigin Widgets Bundle <= 1.61.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via SiteOrigin Blog Widget — SiteOrigin Widgets BundleCWE-79 6.4 Medium2024-06-11
CVE-2024-4362 SiteOrigin Widgets Bundle <= 1.60.0 - - Authenticated (Contributor+) Stored Cross-Site Scripting via 'siteorigin_widget' Shortcode — SiteOrigin Widgets BundleCWE-79 6.4 Medium2024-05-22
CVE-2024-4361 Page Builder by SiteOrigin <= 2.29.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'siteorigin_widget' Shortcode — Page Builder by SiteOriginCWE-79 6.4 Medium2024-05-21
CVE-2024-2202 Page Builder by SiteOrigin <= 2.29.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Legacy Image Widget — Page Builder by SiteOriginCWE-79 6.4 Medium2024-03-23
CVE-2024-1723 SiteOrigin Widgets Bundle <= 1.58.7 - Authenticated (Contributor+) Stored Cross-Site Scripting — SiteOrigin Widgets BundleCWE-79 6.4 Medium2024-03-13
CVE-2024-1058 SiteOrigin Widgets Bundle <= 1.58.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — SiteOrigin Widgets BundleCWE-79 6.4 Medium2024-02-20
CVE-2024-1070 SiteOrigin Widgets Bundle <= 1.58.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — SiteOrigin Widgets BundleCWE-79 6.4 Medium2024-02-20
CVE-2024-0961 SiteOrigin Widgets Bundle <= 1.58.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — SiteOrigin Widgets BundleCWE-79 6.4 Medium2024-02-05

This page lists every published CVE security advisory associated with gpriday. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.