Browse all 7 CVE security advisories affecting odude. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Odude is a software component primarily used for authentication and session management in web applications. Historically, it has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues. The seven CVEs recorded for this component reveal consistent patterns of insufficient input validation and insecure default configurations. Security researchers have noted that odude's implementation often lacks proper sanitization of user-supplied data, leading to injection-based vulnerabilities. While no major public security incidents have been widely documented, the accumulation of CVEs suggests ongoing security challenges that require careful implementation and regular updates when using this authentication framework.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-9129 | Flexi <= 4.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via flexi-form-tag Shortcode — Flexi – Guest SubmitCWE-79 | 6.4 | Medium | 2025-10-03 |
| CVE-2025-32589 | WordPress Flexi – Guest Submit Plugin <= 4.28 - Local File Inclusion vulnerability — Flexi – Guest SubmitCWE-98 | 8.1 | High | 2025-04-11 |
This page lists every published CVE security advisory associated with odude. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.