Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

presstigers — Vulnerabilities & Security Advisories 18

Browse all 18 CVE security advisories affecting presstigers. AI-powered Chinese analysis, POCs, and references for each vulnerability.

PressTigers is a digital marketing agency specializing in WordPress development and SEO services, with 18 CVEs recorded in its history. Common vulnerabilities include stored cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, often stemming from insufficient input validation and insecure authentication mechanisms. The company's plugins have faced multiple security incidents, including a 2021 XSS vulnerability affecting over 10,000 sites and a 2019 RCE weakness in a popular SEO plugin. These issues highlight recurring patterns in sanitization and access control failures, posing risks to client websites and data. PressTigers has addressed some vulnerabilities through patches, but the historical pattern suggests ongoing challenges in secure coding practices.

Top products by presstigers: Simple Job Board Simple Testimonials Showcase Simple Folio Simple Event Planner (WordPress plugin) ZIP Code Based Content Protection Simple Owl Carousel
CVE IDTitleCVSSSeverityPublished
CVE-2025-14353 ZIP Code Based Content Protection <= 1.0.2 - Unauthenticated SQL Injection via 'zipcode' Parameter — ZIP Code Based Content ProtectionCWE-89 7.5 High2026-03-07
CVE-2025-14039 Simple Folio <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Client name' and 'Link' Meta Fields — Simple FolioCWE-79 6.4 Medium2026-01-28
CVE-2025-64256 WordPress Simple Folio plugin <= 1.1.0 - Cross Site Request Forgery (CSRF) vulnerability — Simple FolioCWE-352 4.3 Medium2025-12-09
CVE-2025-12151 Simple Folio <= 1.1.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting — Simple FolioCWE-79 6.4 Medium2025-11-27
CVE-2025-59579 WordPress Simple Job Board plugin <= 2.13.7 - Sensitive Data Exposure vulnerability — Simple Job BoardCWE-201 7.5 High2025-10-22
CVE-2025-59008 WordPress ZIP Code Based Content Protection plugin <= 1.0.0 - SQL Injection vulnerability — ZIP Code Based Content ProtectionCWE-89 7.6 High2025-09-09
CVE-2025-31535 WordPress Simple Owl Carousel plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability — Simple Owl CarouselCWE-79 6.5 Medium2025-03-31
CVE-2023-47188 WordPress Simple Job Board plugin <= 2.10.5 - Broken Access Control vulnerability — Simple Job BoardCWE-862 5.3 Medium2025-01-02
CVE-2024-49295 WordPress Simple Testimonials Showcase plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability — Simple Testimonials ShowcaseCWE-79 5.9 Medium2024-10-17
CVE-2024-7351 Simple Job Board <= 2.12.3 - Authenticated (Editor+) PHP Object Injection — Simple Job BoardCWE-502 7.2 High2024-08-24
CVE-2024-32530 WordPress Simple Testimonials Showcase plugin <= 1.1.5 - Cross Site Scripting (XSS) vulnerability — Simple Testimonials ShowcaseCWE-79 6.5 Medium2024-04-17
CVE-2024-1813 Simple Job Board <= 2.11.0 - Unauthenticated PHP Object Injection via Job Application Fields — Simple Job BoardCWE-502 9.8 Critical2024-04-09
CVE-2024-0593 Simple Job Board <= 2.10.8 - Missing Authorization to Unauthenticated Information Disclosure — Simple Job BoardCWE-862 5.3 Medium2024-02-21
CVE-2023-52122 WordPress Simple Job Board Plugin <= 2.10.6 is vulnerable to Cross Site Request Forgery (CSRF) — Simple Job BoardCWE-352 4.3 Medium2024-01-05
CVE-2023-48283 WordPress Simple Testimonials Showcase Plugin <= 1.1.5 is vulnerable to Cross Site Request Forgery (CSRF) — Simple Testimonials ShowcaseCWE-352 4.3 Medium2023-11-30
CVE-2023-29440 WordPress Simple Job Board Plugin <= 2.10.3 is vulnerable to Cross Site Request Forgery (CSRF) — Simple Job BoardCWE-352 4.3 Medium2023-11-10
CVE-2022-25612 WordPress Simple Event Planner plugin <= 1.5.4 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities — Simple Event Planner (WordPress plugin)CWE-79 4.1 Medium2022-03-25
CVE-2022-25611 WordPress Simple Event Planner plugin <= 1.5.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Simple Event Planner (WordPress plugin)CWE-79 4.1 Medium2022-03-25

This page lists every published CVE security advisory associated with presstigers. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.