Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

rubengc — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting rubengc. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Rubengc develops web application frameworks primarily used for building dynamic content management systems. Historically, vulnerabilities associated with this project include remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and insecure default configurations. The project has demonstrated inconsistent security practices, with multiple critical vulnerabilities remaining unpatched for extended periods. While no major public security incidents have been documented, the accumulation of 13 CVEs indicates ongoing security challenges that require improved development practices and more rigorous code review processes to mitigate risks for enterprise deployments.

Top products by rubengc: GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress GamiPress – Button GamiPress – Link
CVE IDTitleCVSSSeverityPublished
CVE-2025-13812 GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress <= 7.6.1 - Missing Authorization to Authenticated (Subscriber+) Information Exposure — GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPressCWE-862 4.3 Medium2026-01-06
CVE-2025-9539 AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress <= 5.3.6 - Missing Authorization To Authenticated (Subscriber+) Remote Code Execution via Automation Creation — AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPressCWE-94 8.0 High2025-09-09
CVE-2025-9542 AutomatorWP <= 5.3.7 - Authenticated (Subscriber+) Missing Authorization to Multiple Functions — AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPressCWE-862 5.4 Medium2025-09-09
CVE-2025-5487 AutomatorWP <= 5.2.5 - Authenticated (Administrator+) SQL Injection via field_conditions — AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPressCWE-89 7.2 High2025-06-14
CVE-2024-13496 GamiPress <= 7.3.1 - Unauthenticated SQL Injection via orderby Parameter — GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPressCWE-89 7.5 High2025-01-22
CVE-2024-13499 GamiPress <= 7.2.1 - Unauthenticated Arbitrary Shortcode Execution via gamipress_do_shortcode() Function — GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPressCWE-94 7.3 High2025-01-22
CVE-2024-13495 GamiPress <= 7.2.1 - Unauthenticated Arbitrary Shortcode Execution via gamipress_ajax_get_logs Function — GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPressCWE-94 7.3 High2025-01-22
CVE-2024-12626 AutomatorWP <= 5.0.9 - Reflected Cross-Site Scripting via a-0-o-search_field_value — AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPressCWE-79 9.6 Critical2024-12-19
CVE-2024-11036 GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress <= 7.1.5 - Unauthenticated Arbitrary Shortcode Execution via gamipress_get_user_earnings — GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPressCWE-94 7.3 High2024-11-19
CVE-2024-5536 GamiPress – Link <= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — GamiPress – LinkCWE-79 6.4 Medium2024-06-05
CVE-2024-2783 GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress <= 6.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPressCWE-79 6.4 Medium2024-04-09
CVE-2024-1799 GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress <= 6.8.6 - Authenticated (Contributor+) SQL Injection via Shortcode — GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPressCWE-89 8.8 High2024-03-20
CVE-2024-2460 GamiPress – Button <= 1.0.7 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode — GamiPress – ButtonCWE-79 6.4 Medium2024-03-20

This page lists every published CVE security advisory associated with rubengc. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.