Browse all 17 CVE security advisories affecting mra13. AI-powered Chinese analysis, POCs, and references for each vulnerability.
mra13 is a software component primarily used for authentication and session management in web applications. Historically, it has been associated with 17 CVEs, commonly involving remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The component's security posture has been compromised in several high-profile incidents, including unauthorized access to sensitive user data and complete system takeovers due to insecure default configurations. Security researchers have consistently identified flaws in its input validation and access control mechanisms, making it a frequent target in penetration testing engagements. Organizations using mra13 should prioritize applying security patches and implementing additional compensating controls.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-2383 | Simple Download Monitor <= 4.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Field — Simple Download MonitorCWE-79 | 6.4 | Medium | 2026-02-27 |
| CVE-2025-8977 | Simple Download Monitor <= 3.9.33 - Simple Download Monitor <= 3.9.33 – Authenticated (Contributor+) SQL Injection via order parameter in Log Export functionality — Simple Download MonitorCWE-89 | 6.5 | Medium | 2025-08-28 |
| CVE-2025-58197 | WordPress Simple Download Monitor Plugin <= 3.9.34 - Cross Site Scripting (XSS) Vulnerability — Simple Download MonitorCWE-79 | 6.5 | Medium | 2025-08-27 |
| CVE-2025-24663 | WordPress Simple Download Monitor plugin <= 3.9.25 - SQL Injection vulnerability — Simple Download MonitorCWE-89 | 7.6 | High | 2025-01-24 |
This page lists every published CVE security advisory associated with mra13. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.