Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

kamleshyadav — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting kamleshyadav. AI-powered Chinese analysis, POCs, and references for each vulnerability.

kamleshyadav represents a software entity with a documented history of twenty-one Common Vulnerabilities and Exposures, indicating persistent security maintenance challenges. The primary use case involves standard application functionality, yet the vulnerability profile suggests frequent exposure to critical flaws. Historically, the most prevalent issues include Remote Code Execution (RCE) and Cross-Site Scripting (XSS), which allow attackers to compromise system integrity or inject malicious scripts. Additionally, privilege escalation vulnerabilities have been recorded, enabling unauthorized access to restricted resources. These recurring defect types highlight significant gaps in input validation and access control mechanisms within the codebase. While no single catastrophic incident is publicly attributed solely to this specific identifier, the accumulation of CVEs suggests a pattern of delayed patching or inherent architectural weaknesses. Continuous security auditing and rigorous code review processes are essential to mitigate these recurring risks and prevent potential exploitation by malicious actors seeking to leverage these known entry points.

Top products by kamleshyadav: WP Lead Capturing Pages Miraculous Core Plugin Miraculous Pixel WordPress Form BuilderPlugin & Autoresponder WP Bakery Autoresponder Addon CF7 7 Mailchimp Add-on Exit Intent Popup CF7 Auto Responder Addon RockON DJ Medicalequipment Videospirecore Theme Plugin Miraculous Elementor
CVE IDTitleCVSSSeverityPublished
CVE-2026-32515 WordPress Miraculous theme < 2.1.2 - Broken Access Control vulnerability — MiraculousCWE-862 7.5 High2026-03-25
CVE-2026-32516 WordPress Miraculous Core Plugin plugin < 2.1.2 - SQL Injection vulnerability — Miraculous Core PluginCWE-89 8.5 High2026-03-25
CVE-2026-27362 WordPress WP Bakery Autoresponder Addon plugin <= 1.0.6 - Broken Access Control vulnerability — WP Bakery Autoresponder AddonCWE-862 6.5 Medium2026-03-05
CVE-2026-27363 WordPress WP Bakery Autoresponder Addon plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability — WP Bakery Autoresponder AddonCWE-79 7.1 High2026-03-05
CVE-2025-67998 WordPress Miraculous Elementor plugin <= 2.0.7 - Broken Authentication vulnerability — Miraculous ElementorCWE-288 8.8 High2026-02-20
CVE-2025-15096 Videospirecore Theme Plugin <= 1.0.6 - Authenticated (Subscriber+) Privilege Escalation via User Email Change/Account Takeover — Videospirecore Theme PluginCWE-639 8.8 High2026-02-11
CVE-2025-49055 WordPress WP Lead Capturing Pages plugin <= 2.5 - SQL Injection vulnerability — WP Lead Capturing PagesCWE-89 9.3 Critical2026-01-22
CVE-2025-49050 WordPress WP Lead Capturing Pages plugin <= 2.5 - SQL Injection vulnerability — WP Lead Capturing PagesCWE-89 8.5 High2026-01-22
CVE-2025-69009 WordPress Medicalequipment theme <= 1.0.9 - Broken Access Control vulnerability — MedicalequipmentCWE-862 5.3 Medium2025-12-30
CVE-2025-58629 WordPress Miraculous theme < 2.0.9 - Arbitrary Content Deletion vulnerability — MiraculousCWE-862 7.5 High2025-11-06
CVE-2025-58627 WordPress Miraculous Core Plugin plugin < 2.0.9 - Insecure Direct Object References (IDOR) vulnerability — Miraculous Core PluginCWE-639 9.8 Critical2025-11-06
CVE-2025-58961 WordPress CF7 Auto Responder Addon plugin <= 2.4 - Cross Site Scripting (XSS) vulnerability — CF7 Auto Responder AddonCWE-79 7.1 High2025-10-22
CVE-2025-53229 WordPress RockON DJ theme <= 3.3 - Reflected Cross Site Scripting (XSS) vulnerability — RockON DJCWE-79 7.1 High2025-10-22
CVE-2025-58628 WordPress Miraculous Theme < 2.0.9 - SQL Injection Vulnerability — MiraculousCWE-89 9.3 Critical2025-09-05
CVE-2025-58641 WordPress Exit Intent Popup Plugin <= 1.0.1 - Server Side Request Forgery (SSRF) Vulnerability — Exit Intent PopupCWE-918 5.4 Medium2025-09-03
CVE-2025-49388 WordPress Miraculous Core Plugin Plugin <= 2.0.7 - Privilege Escalation Vulnerability — Miraculous Core PluginCWE-266 9.8 Critical2025-08-28
CVE-2025-31425 WordPress WP Lead Capturing Pages plugin < 2.6 - Arbitrary Content Deletion vulnerability — WP Lead Capturing PagesCWE-862 7.5 High2025-08-14
CVE-2025-29012 WordPress CF7 7 Mailchimp Add-on plugin < 2.4 - Broken Access Control Vulnerability — CF7 7 Mailchimp Add-onCWE-862 5.3 Medium2025-07-04
CVE-2025-31424 WordPress WP Lead Capturing Pages plugin < 2.6 - SQL Injection vulnerability — WP Lead Capturing PagesCWE-89 9.3 Critical2025-06-09
CVE-2025-31914 WordPress Pixel Form BuilderPlugin & Autoresponder plugin <= 1.0.2 - SQL Injection Vulnerability — Pixel WordPress Form BuilderPlugin & AutoresponderCWE-89 9.3 Critical2025-05-23
CVE-2025-31915 WordPress Pixel Form BuilderPlugin & Autoresponder plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) vulnerability — Pixel WordPress Form BuilderPlugin & AutoresponderCWE-352 5.4 Medium2025-05-16

This page lists every published CVE security advisory associated with kamleshyadav. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.