Browse all 4 CVE security advisories affecting richplugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.
RichPlugins develops WordPress plugins for enhancing website functionality with features like forms, galleries, and SEO tools. Historically, their plugins have been susceptible to multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS), and privilege escalation flaws, often stemming from insufficient input validation and improper access controls. With four CVEs documented, these security gaps have allowed attackers to execute arbitrary code, manipulate content, and gain elevated access. While no major public incidents have been widely reported, the consistent pattern of vulnerabilities suggests ongoing challenges in secure coding practices, potentially exposing thousands of WordPress sites to compromise if not promptly updated.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-30883 | WordPress Trust.Reviews plugin <= 2.3 - Broken Access Control vulnerability — Trust.ReviewsCWE-862 | 4.3 | Medium | 2025-03-27 |
This page lists every published CVE security advisory associated with richplugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.