Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

pebas — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting pebas. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Pebas is a software platform primarily used for enterprise resource planning and business process automation. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its eight recorded CVEs. The platform's complex architecture and extensive integration points have contributed to these security challenges. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests ongoing risks for organizations relying on pebas for critical business operations. Proper hardening and regular security assessments remain essential for mitigating potential exploitation risks.

Top products by pebas: CouponXxL Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme CouponXL CouponXxL Custom Post Types Lisfinity Core
CVE IDTitleCVSSSeverityPublished
CVE-2026-22484 WordPress Lisfinity Core plugin <= 1.5.0 - SQL Injection vulnerability — Lisfinity CoreCWE-89 9.3 Critical2026-03-25
CVE-2025-60220 WordPress CouponXxL theme <= 3.0.0 - Privilege Escalation vulnerability — CouponXxLCWE-266 9.8 Critical2025-10-22
CVE-2025-6042 Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme <= 1.4.0 - Unauthenticated Privilege Escalation to Editor — Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress themeCWE-269 7.3 High2025-10-15
CVE-2025-6038 Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme <= 1.4.0 - Authenticated (Subscriber+) Privilege Escalation — Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress themeCWE-639 8.8 High2025-10-09
CVE-2025-58013 WordPress CouponXxL Theme <= 4.5.0 - Cross Site Request Forgery (CSRF) Vulnerability — CouponXxLCWE-352 8.8 High2025-09-22
CVE-2025-52725 WordPress CouponXxL theme <= 3.0.0 - PHP Object Injection Vulnerability — CouponXxLCWE-502 9.8 Critical2025-06-27
CVE-2025-52726 WordPress CouponXxL Custom Post Types plugin <= 3.0 - Privilege Escalation Vulnerability — CouponXxL Custom Post TypesCWE-266 8.6 High2025-06-27
CVE-2025-39489 WordPress CouponXL theme <= 4.5.0 - Privilege Escalation Vulnerability — CouponXLCWE-266 9.8 Critical2025-05-23

This page lists every published CVE security advisory associated with pebas. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.