Browse all 7 CVE security advisories affecting kodezen. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Kodezen develops web application frameworks primarily used for building enterprise solutions, with its products enabling rapid development of business applications. Historically, the framework has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its seven recorded CVEs. Security researchers have identified consistent input validation weaknesses and insecure default configurations in its components. While no major public security incidents have been documented, the accumulation of CVEs suggests ongoing challenges in secure coding practices, particularly regarding sanitization of user-supplied data and access control mechanisms.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-9216 | StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More <= 1.5.0 - Authenticated (Subscriber+) Arbitrary File Upload — StoreEngine — Complete eCommerce Solution with Memberships, Licensing, Affiliates & MoreCWE-434 | 8.8 | High | 2025-09-17 |
| CVE-2025-9215 | StoreEngine – Powerful WordPress eCommerce Plugin for Payments, Memberships, Affiliates, Sales & More <= 1.5.0 - Authenticated (Subscriber+) Arbitrary File Download — StoreEngine — Complete eCommerce Solution with Memberships, Licensing, Affiliates & MoreCWE-22 | 6.5 | Medium | 2025-09-17 |
This page lists every published CVE security advisory associated with kodezen. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.