Browse all 4 CVE security advisories affecting ibericode. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Ibericode develops security-focused software tools, primarily for web application development and testing. Historically, their products have been associated with vulnerabilities like cross-site scripting (XSS) and remote code execution (RCE), often stemming from input validation flaws or insecure deserialization. While no major public security incidents have been documented, their CVE record indicates a pattern of security issues that could potentially lead to unauthorized access or system compromise. The company's tools, while intended to enhance security, have themselves been sources of vulnerabilities that require careful implementation and patch management to mitigate risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-22850 | Koko Analytics vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import — koko-analyticsCWE-89 | 8.4 | High | 2026-01-19 |
| CVE-2023-51682 | WordPress MC4WP plugin <= 4.9.9 - Broken Access Control vulnerability — MC4WPCWE-862 | 5.3 | Medium | 2024-06-11 |
| CVE-2023-50836 | WordPress HTML Forms Plugin <= 1.3.28 is vulnerable to Cross Site Scripting (XSS) — HTML FormsCWE-79 | 5.9 | Medium | 2023-12-28 |
| CVE-2021-36833 | WordPress MC4WP plugin <= 4.8.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — MC4WP: Mailchimp for WordPressCWE-79 | 4.8 | Medium | 2022-05-20 |
This page lists every published CVE security advisory associated with ibericode. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.