Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

hookandhook — Vulnerabilities & Security Advisories 5

Browse all 5 CVE security advisories affecting hookandhook. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Hookandhook operates as a cybersecurity vendor specializing in web application security testing tools, primarily serving developers and security teams to identify vulnerabilities in web applications. Historically, their tools have been associated with vulnerabilities including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from improper input validation and insecure design. Security researchers have noted that while their products aim to detect such issues, the tools themselves have occasionally contained similar vulnerabilities, creating a paradoxical security situation. No major public security incidents have been widely reported, but the presence of five CVEs indicates a pattern of security challenges that warrant careful implementation and monitoring.

Top products by hookandhook: Coming Soon & Maintenance Mode Page & Under Construction WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses Post Grid Elementor Addon WP Courses LMS
CVE IDTitleCVSSSeverityPublished
CVE-2026-31914 WordPress WP Courses LMS plugin <= 3.2.26 - Cross Site Scripting (XSS) vulnerability — WP Courses LMSCWE-79 6.5 Medium2026-03-25
CVE-2024-56268 WordPress Post Grid Elementor Addon plugin <= 2.0.18 - Cross Site Scripting (XSS) vulnerability — Post Grid Elementor AddonCWE-79 6.5 Medium2025-01-02
CVE-2024-12172 WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses <= 3.2.21 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Meta Update — WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education CoursesCWE-862 7.5 High2024-12-12
CVE-2020-36752 Coming Soon & Maintenance Mode Page <= 1.57 - Cross-Site Request Forgery Bypass — Coming Soon & Maintenance Mode Page & Under ConstructionCWE-352 4.3 Medium2023-07-12
CVE-2020-36707 Coming Soon & Maintenance Mode Page <= 1.57 - Cross-Site Request Forgery — Coming Soon & Maintenance Mode Page & Under ConstructionCWE-352 8.8 High2023-06-07

This page lists every published CVE security advisory associated with hookandhook. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.