Browse all 3 CVE security advisories affecting origincode. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Origincode develops software development tools and application frameworks, primarily serving enterprise clients. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and access control weaknesses. Security researchers have identified multiple authentication bypass vulnerabilities in their authentication systems, though no major public security incidents have been documented. The three CVEs associated with origincode highlight recurring issues in input handling and session management, suggesting a need for enhanced security testing protocols in their development lifecycle.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-48349 | WordPress Video Gallery – Vimeo and YouTube Gallery plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability — Video Gallery – Vimeo and YouTube GalleryCWE-79 | 6.5 | Medium | 2025-08-28 |
| CVE-2025-30524 | WordPress Product Catalog plugin <= 1.0.4 - SQL Injection vulnerability — Product CatalogCWE-89 | 9.3 | Critical | 2025-03-26 |
| CVE-2021-4384 | WordPress Photo Gallery – Image Gallery <= 1.0.6 - Cross-Site Request Forgery Bypass — WordPress Photo Gallery – Image GalleryCWE-352 | 4.3 | Medium | 2023-07-01 |
This page lists every published CVE security advisory associated with origincode. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.