Browse all 5 CVE security advisories affecting peprodev. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Peprodev develops web applications and APIs for various industries, with a core focus on custom software solutions. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and access control flaws. While no major public security incidents have been widely documented, their CVE history indicates consistent security challenges, particularly in authentication mechanisms and data handling. The organization's security posture appears reactive rather than preventive, with vulnerabilities typically addressed after disclosure rather than through proactive security measures.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-3921 | PeproDev Ultimate Profile Solutions 1.9.1 - 7.5.2 - Missing Authorization to Limited Unauthenticated Arbitrary User Meta Update via handel_ajax_req Function — PeproDev Ultimate Profile SolutionsCWE-285 | 8.2 | High | 2025-05-07 |
| CVE-2025-3924 | PeproDev Ultimate Profile Solutions 1.9.1 - 7.5.2 - Missing Authorization to Unauthenticated Email Enumeration — PeproDev Ultimate Profile SolutionsCWE-285 | 5.3 | Medium | 2025-05-07 |
| CVE-2025-3844 | PeproDev Ultimate Profile Solutions 1.9.1 - 7.5.2 - Authentication Bypass to Account Takeover — PeproDev Ultimate Profile SolutionsCWE-288 | 9.8 | Critical | 2025-05-07 |
| CVE-2024-13719 | PeproDev Ultimate Invoice <= 2.0.9 - Insecure Direct Object Reference to Unauthenticated Order Information Exposure — PeproDev Ultimate InvoiceCWE-862 | 5.3 | Medium | 2025-02-19 |
| CVE-2024-8873 | PeproDev WooCommerce Receipt Uploader <= 2.6.9 - Reflected Cross-Site Scripting — PeproDev WooCommerce Receipt UploaderCWE-79 | 6.1 | Medium | 2024-11-16 |
This page lists every published CVE security advisory associated with peprodev. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.