Browse all 4 CVE security advisories affecting javmah. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Javmah is a Java-based application primarily used for enterprise resource planning and workflow automation. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure default configurations. The application's complex architecture and extensive third-party integrations have contributed to its security challenges. While no major public incidents have been widely documented, its four recorded CVEs highlight consistent security concerns, particularly around authentication bypass and deserialization flaws. Organizations implementing Javmah should prioritize regular patching and hardening to mitigate these recurring risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-1916 | WPGSI: Spreadsheet Integration <= 3.8.3 - Missing Authorization to Unauthenticated Arbitrary Post Creation and Deletion via Forged Base64 Token — WPGSI: Spreadsheet IntegrationCWE-862 | 7.5 | High | 2026-02-25 |
| CVE-2025-1463 | Spreadsheet Integration <= 3.8.2 - Cross-Site Request Forgery to Arbitrary Post Publish — WPGSI: Spreadsheet IntegrationCWE-352 | 4.3 | Medium | 2025-03-05 |
| CVE-2024-37201 | WordPress Woocommerce Customers Order History plugin <= 5.2.2 - Broken Access Control vulnerability — Woocommerce Customers Order HistoryCWE-862 | 4.3 | Medium | 2024-11-01 |
| CVE-2024-6590 | Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google sheet as a Table. <= 3.8.0 - Missing Authorization to Authenticated (Subscriber+) Settings Update — WPGSI: Spreadsheet IntegrationCWE-862 | 6.3 | Medium | 2024-09-25 |
This page lists every published CVE security advisory associated with javmah. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.