Browse all 4 CVE security advisories affecting horearadu. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Horearadu is a software component primarily used for data processing and workflow automation in enterprise environments. Historically, it has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues. The component's complex architecture and extensive API surface have contributed to recurring security weaknesses. While no major public incidents have been documented, its four CVE records indicate persistent security challenges, particularly in input validation and access control. Organizations implementing horearadu should prioritize regular patching and hardening measures to mitigate risks associated with its historical vulnerability patterns.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-12027 | Mesmerize Companion <= 1.6.158 - Missing Authorization Authenticated (Subscriber+) Settings Update — Mesmerize CompanionCWE-862 | 4.3 | Medium | 2026-02-19 |
| CVE-2024-4703 | One Page Express Companion <= 1.6.37 - Authenticated (Contributor+) Stored Cross-Site Scripting via one_page_express_contact_form Shortcode — One Page Express CompanionCWE-79 | 6.4 | Medium | 2024-06-07 |
| CVE-2024-4707 | Materialis Companion <= 1.3.41 - Authenticated (Contributor+) Store Cross-Site Scripting via materialis_contact_form Shortcode — Materialis CompanionCWE-79 | 6.4 | Medium | 2024-06-06 |
| CVE-2024-3494 | Mesmerize Companion <= 1.6.148 - Authenticated (Contributor+) Stored Cross-Site Scripting via mesmerize_contact_form Shortcode — Mesmerize CompanionCWE-79 | 6.4 | Medium | 2024-05-08 |
This page lists every published CVE security advisory associated with horearadu. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.