Browse all 3 CVE security advisories affecting nerdpressteam. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Nerdpressteam develops presentation software with a core focus on collaborative content creation and delivery. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure authentication mechanisms. The team has demonstrated a pattern of addressing security issues through patch releases, though their CVE history indicates ongoing challenges in secure coding practices. No major public security incidents have been documented, but the consistent appearance of similar vulnerability classes across multiple releases suggests systemic security weaknesses that require remediation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-12471 | Hubbub Lite <= 1.36.0 - Reflected Cross-Site Scripting — Hubbub Lite – Fast, free social sharing and follow buttonsCWE-79 | 6.1 | Medium | 2025-11-06 |
| CVE-2024-2501 | Hubbub Lite – Fast, Reliable Social Network Sharing Buttons <= 1.33.1 - PHP Object Injection — Hubbub Lite – Fast, free social sharing and follow buttonsCWE-502 | 7.5 | High | 2024-04-09 |
This page lists every published CVE security advisory associated with nerdpressteam. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.