Browse all 3 CVE security advisories affecting ravanh. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Ravanh is primarily a web application framework used for building dynamic content management systems. Historically, it has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues. The framework's common vulnerabilities often stem from insufficient input validation and insecure default configurations. While no major public security incidents have been widely documented, the three CVEs assigned to Ravanh highlight consistent security concerns in its core components. Developers implementing Ravanh should prioritize hardening configurations and applying security patches to mitigate risks associated with its historically exploitable weaknesses.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-1808 | Orange Confort+ accessibility toolbar for WordPress <= 0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes — Orange Comfort+ accessibility toolbar for WordPressCWE-79 | 6.4 | Medium | 2026-02-06 |
| CVE-2024-4441 | XML Sitemap & Google News <= 5.4.8 - Unauthenticated Local File Inclusion — XML Sitemap & Google NewsCWE-98 | 8.1 | High | 2024-05-09 |
| CVE-2023-5615 | Skype Legacy Buttons <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Skype Legacy ButtonsCWE-79 | 6.4 | Medium | 2023-10-20 |
This page lists every published CVE security advisory associated with ravanh. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.