Browse all 5 CVE security advisories affecting joedolson. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Joedolson develops WordPress accessibility plugins, primarily serving website owners who need compliance solutions. Historically, vulnerabilities have included stored cross-site scripting (XSS), arbitrary file inclusion, and insufficient input validation leading to remote code execution. Notable incidents include CVE-2021-24732, which allowed unauthenticated attackers to execute arbitrary PHP code via crafted requests, and CVE-2021-24733, enabling privilege escalation through improper capability checks. These vulnerabilities often stem from inadequate sanitization of user-supplied data and improper implementation of WordPress security mechanisms. The plugin's core functionality frequently interacts with sensitive WordPress functions, increasing the potential attack surface when security controls are misconfigured or bypassed.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-40308 | My Calendar: Unauthenticated Information Disclosure (IDOR) via Multisite switch_to_blog — my-calendar, CWE-639 | 7.5 (AI) | High (AI) | 2026-04-16 |
This page lists every published CVE security advisory associated with joedolson. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.