Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

paoltaia — Vulnerabilities & Security Advisories 4

Browse all 4 CVE security advisories affecting paoltaia. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Paoltaia operates as a software development company focused on creating enterprise applications and web-based solutions. Historically, their products have been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by their four recorded CVEs. The company's security posture has shown consistent weaknesses in input validation and access control mechanisms. While no major public security incidents have been documented, the recurring nature of their vulnerabilities suggests systemic issues in their development lifecycle. Their CVE history indicates a pattern of insufficient secure coding practices, particularly in handling user inputs and managing authentication systems.

Top products by paoltaia: GeoDirectory – WP Business Directory Plugin and Classified Listings Directory
CVE IDTitleCVSSSeverityPublished
CVE-2025-12833 GeoDirectory – WP Business Directory Plugin and Classified Listings Directory <= 2.8.139 - Missing Authorization to Authenticated (Author+) Arbitrary Image Attachment — GeoDirectory – WP Business Directory Plugin and Classified Listings DirectoryCWE-639 4.3 Medium2025-11-12
CVE-2024-13507 GeoDirectory – WP Business Directory Plugin and Classified Listings Directory <= 2.8.97 - Unauthenticated SQL Injection — GeoDirectory – WP Business Directory Plugin and Classified Listings DirectoryCWE-89 7.5 High2025-07-26
CVE-2024-13506 GeoDirectory – WP Business Directory Plugin and Classified Listings Directory <= 2.8.97 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Display_name Parameter — GeoDirectory – WP Business Directory Plugin and Classified Listings DirectoryCWE-79 6.4 Medium2025-02-11
CVE-2024-3732 GeoDirectory – WordPress Business Directory Plugin, or Classified Directory <= 2.3.48 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'gd_single_tabs' Shortcode — GeoDirectory – WP Business Directory Plugin and Classified Listings DirectoryCWE-79 6.4 Medium2024-04-23

This page lists every published CVE security advisory associated with paoltaia. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.