Browse all 4 CVE security advisories affecting listamester. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Listamester is a web application primarily used for managing and sharing lists, with its core functionality centered on collaborative list creation and organization. Historically, it has been susceptible to multiple vulnerability classes, including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation, as evidenced by its four recorded CVEs. The application's security posture has been marked by insufficient input validation and improper access controls, leading to potential data exposure and unauthorized system compromise. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities suggests ongoing challenges in secure development practices, requiring careful implementation and regular security assessments to mitigate risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-47446 | WordPress Listamester plugin <= 2.3.6 - Cross Site Request Forgery (CSRF) Vulnerability — ListamesterCWE-352 | 4.3 | Medium | 2025-05-07 |
| CVE-2025-30813 | WordPress Listamester plugin <= 2.3.5 - Cross Site Scripting (XSS) vulnerability — ListamesterCWE-79 | 6.5 | Medium | 2025-03-27 |
| CVE-2025-24678 | WordPress Listamester Plugin <= 2.3.4 - Cross Site Scripting (XSS) vulnerability — ListamesterCWE-80 | 6.5 | Medium | 2025-01-24 |
| CVE-2024-13659 | Listamester <= 2.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — ListamesterCWE-79 | 6.4 | Medium | 2025-01-24 |
This page lists every published CVE security advisory associated with listamester. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.