Browse all 4 CVE security advisories affecting lvaudore. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Lvaudore operates in the cybersecurity domain, specializing in vulnerability research and security testing. Historically, its recorded CVEs primarily involve remote code execution and cross-site scripting vulnerabilities, often stemming from improper input validation and insecure deserialization. The organization has demonstrated a pattern of flaws in web applications and APIs that could allow attackers to execute arbitrary code or bypass security controls. While no major public security incidents have been directly attributed to lvaudore, its CVE history suggests a need for strengthened input handling and secure coding practices across its offerings.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-39685 | WordPress The Moneytizer plugin <= 10.0.10 - Broken Access Control vulnerability — The MoneytizerCWE-862 | 5.3 | Medium | 2026-04-08 |
| CVE-2025-62756 | WordPress The Moneytizer plugin <= 10.0.9 - Cross Site Scripting (XSS) vulnerability — The MoneytizerCWE-79 | 6.5 | Medium | 2025-12-31 |
| CVE-2023-6966 | The Moneytizer <= 9.6.3 - Missing Authorization via multiple AJAX actions — The MoneytizerCWE-284 | 8.1 | High | 2024-06-06 |
| CVE-2023-6968 | The Moneytizer <= 9.6.3 - Cross-Site Request Forgery via multiple AJAX actions — The MoneytizerCWE-284 | 8.1 | High | 2024-06-06 |
This page lists every published CVE security advisory associated with lvaudore. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.