Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

jackdewey — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting jackdewey. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Jackdewey develops web applications primarily for content management and e-commerce platforms. Historically, vulnerabilities associated with this developer frequently include remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and misconfigured access controls. While no major public security incidents have been documented, the consistent pattern of vulnerabilities across multiple products suggests systemic security weaknesses in development practices. The 15 CVEs on record indicate recurring issues that could allow attackers to compromise systems, manipulate content, or gain unauthorized access, highlighting the need for improved security measures in their software development lifecycle.

Top products by jackdewey: Community Events Link Library Bilingual Linker Tune Library Events Listing Widget
CVE IDTitleCVSSSeverityPublished
CVE-2026-2429 Community Events <= 1.5.8 - Authenticated (Administrator+) SQL Injection via 'ce_venue_name' CSV Field — Community EventsCWE-89 4.9 Medium2026-03-07
CVE-2026-1649 Community Events <= 1.5.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'ce_venue_name' Parameter — Community EventsCWE-79 4.4 Medium2026-02-18
CVE-2026-1252 Events Listing Widget <= 1.3.4 - Authenticated (Author+) Stored Cross-Site Scripting via Event URL Field — Events Listing WidgetCWE-79 6.4 Medium2026-02-06
CVE-2026-1401 Tune Library <= 1.6.3 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting via CSV Import — Tune LibraryCWE-79 6.4 Medium2026-02-06
CVE-2025-14029 Community Events <= 1.5.6 - Missing Authorization to Unauthenticated Arbitrary Event Approval via 'eventlist' Parameter — Community EventsCWE-862 5.3 Medium2026-01-17
CVE-2025-12646 Community Events <= 1.5.4 - Unauthenticated SQL Injection — Community EventsCWE-89 7.5 High2025-11-19
CVE-2025-11995 Community Events <= 1.5.2 - Unauthenticated Stored Cross-Site Scripting — Community EventsCWE-79 7.2 High2025-11-01
CVE-2025-10586 Community Events <= 1.5.1 - Unauthenticated SQL Injection — Community EventsCWE-89 9.8 Critical2025-10-09
CVE-2025-10587 Community Events <= 1.5.1 - Unauthenticated SQL Injection — Community EventsCWE-89 9.8 Critical2025-10-08
CVE-2025-2889 Link Library <= 7.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Link Additional Parameters — Link LibraryCWE-79 6.4 Medium2025-04-04
CVE-2024-13441 Bilingual Linker <= 2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — Bilingual LinkerCWE-79 6.4 Medium2025-01-25
CVE-2024-13404 Link Library <= 7.7.2 - Reflected Cross-Site Scripting — Link LibraryCWE-79 6.1 Medium2025-01-21
CVE-2024-4281 Link Library <= 7.6.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via link-library Shortcode — Link LibraryCWE-79 6.4 Medium2024-05-08
CVE-2024-2325 Link Library <= 7.6.6 - Reflected Cross-Site Scripting — Link LibraryCWE-79 6.1 Medium2024-04-09
CVE-2024-1559 Link Library <= 7.6 - Unauthenticated Stored Cross-Site Scripting — Link LibraryCWE-79 6.5 Medium2024-02-20

This page lists every published CVE security advisory associated with jackdewey. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.