Browse all 4 CVE security advisories affecting kendysond. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Kendysond is a software component primarily used for content management and user interaction in web applications. Historically, it has been associated with multiple critical vulnerabilities including remote code execution, cross-site scripting, and privilege escalation flaws. These weaknesses often stem from insufficient input validation and improper access controls. The four CVEs assigned to this component highlight recurring security issues in its handling of user-supplied data and authentication mechanisms. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for implementations lacking proper hardening or timely updates.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-10894 | Payment Forms for Paystack <= 4.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Payment Forms for PaystackCWE-79 | 6.4 | Medium | 2025-04-10 |
| CVE-2025-22652 | WordPress Payment Forms for Paystack plugin <= 4.0.1 - SQL Injection vulnerability — Payment Forms for PaystackCWE-89 | 7.6 | High | 2025-03-27 |
| CVE-2023-5665 | Payment Forms for Paystack <= 3.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Payment Forms for PaystackCWE-79 | 6.4 | Medium | 2024-02-08 |
This page lists every published CVE security advisory associated with kendysond. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.