Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

saadiqbal — Vulnerabilities & Security Advisories 39

Browse all 39 CVE security advisories affecting saadiqbal. AI-powered Chinese analysis, POCs, and references for each vulnerability.

saadiqbal is a software entity with thirty-nine recorded Common Vulnerabilities and Exposures, indicating a history of security flaws requiring remediation. The core use case typically involves web-based applications or services, though specific business functions remain undefined in public records. Historically, the vulnerability classes associated with this identifier frequently include remote code execution, cross-site scripting, and privilege escalation issues, suggesting weaknesses in input validation and access control mechanisms. Notable security characteristics point to a pattern of recurring injection flaws and improper session management rather than isolated incidents. There are no widely publicized major breaches directly attributed to saadiqbal in mainstream media, but the cumulative CVE count suggests persistent maintenance challenges. Organizations interacting with this software should prioritize rigorous patch management and continuous security auditing to mitigate the identified risks effectively.

Top products by saadiqbal: Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App Advanced File Manager – Ultimate File Manager for WordPress And Document Library Solution Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCred Password Protected — Lock Entire Site, Pages, Posts, Categories, and Partial Content WP Easy Pay – Payment and Donation form Builder for Square New User Approve Email Templates Customizer and Designer for WordPress and WooCommerce License Manager for WooCommerce Advanced File Manager — Ultimate WordPress File Manager and Document Library Plugin WPExperts Square For GiveWP Quick Contact Form Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder
CVE IDTitleCVSSSeverityPublished
CVE-2026-3090 Post SMTP <= 3.8.0 - Unauthenticated Stored Cross-Site Scripting via 'event_type' — Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile AppCWE-79 7.2 High2026-03-18
CVE-2026-2559 Post SMTP <= 3.8.0 - Missing Authorization to Authenticated (Subscriber+) Office 365 OAuth Configuration Overwrite — Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile AppCWE-862 5.3 Medium2026-03-18
CVE-2026-1674 Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder <= 1.6.0 - Authenticated (Contributor+) Limited Options Update in save_gutena_forms_schema() — Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form BuilderCWE-862 6.5 Medium2026-03-04
CVE-2026-0550 myCred <= 2.9.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'mycred_load_coupon' Shortcode — Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCredCWE-79 6.4 Medium2026-02-14
CVE-2026-0832 New User Approve <= 3.2.2 - Missing Authorization to Unauthenticated Arbitrary User Approval, Denial, and Information Disclosure — New User ApproveCWE-862 7.3 High2026-01-28
CVE-2025-12718 Quick Contact Form <= 8.2.6 - Unauthenticated Open Mail Relay — Quick Contact FormCWE-20 5.8 Medium2026-01-17
CVE-2025-12361 myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program <= 2.9.7.1 - Missing Authorization to Sensitive Information Exposure — Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCredCWE-862 4.3 Medium2025-12-19
CVE-2025-12362 myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program <= 2.9.7 - Missing Authorization to Unauthenticated Withdrawal Request Approval — Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCredCWE-862 5.3 Medium2025-12-13
CVE-2025-12887 Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App <= 3.6.1 - Missing Authorization to Authenticated (Subscriber+) OAuth Token Update — Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile AppCWE-862 5.4 Medium2025-12-03
CVE-2025-12770 New User Approve <= 3.0.9 - Unauthenticated Sensitive Information Disclosure via Type Juggling — New User ApproveCWE-200 5.3 Medium2025-11-19
CVE-2025-11833 Post SMTP – Complete SMTP Solution with Logs, Alerts, Backup SMTP & Mobile App <= 3.6.0 - Missing Authorization to Account Takeover via Unauthenticated Email Log Disclosure — Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile AppCWE-862 9.8 Critical2025-11-01
CVE-2025-11244 Password Protected <= 2.7.11 - Unauthenticated Authorization Bypass via IP Address Spoofing — Password Protected — Lock Entire Site, Pages, Posts, Categories, and Partial ContentCWE-285 3.7 Low2025-10-25
CVE-2025-9219 Post SMTP <= 3.4.1 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Option Update — Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile AppCWE-862 4.3 Medium2025-09-03
CVE-2025-3453 Password Protected – Password Protect your WordPress Site, Pages, & WooCommerce Products <= 2.7.7 - Unauthenticated Sensitive Information Exposure — Password Protected — Lock Entire Site, Pages, Posts, Categories, and Partial ContentCWE-863 5.3 Medium2025-04-17
CVE-2024-13844 Post SMTP <= 3.1.2 - Authenticated (Administrator+) SQL Injection via columns Parameter — Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile AppCWE-89 4.9 Medium2025-03-08
CVE-2024-13805 Advanced File Manager <= 5.2.14 - Authenticated (Subscriber+) Stored Cross-Site Scripting via SVG File Upload — Advanced File Manager – Ultimate File Manager for WordPress And Document Library SolutionCWE-79 6.4 Medium2025-03-07
CVE-2024-13713 WPExperts Square For GiveWP <= 1.3.1 - Authenticated (Subscriber+) SQL Injection — WPExperts Square For GiveWPCWE-89 6.5 Medium2025-02-21
CVE-2025-0521 Post SMTP <= 3.0.2 - Unauthenticated Stored Cross-Site Scripting — Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile AppCWE-79 7.2 High2025-02-18
CVE-2024-13333 Advanced File Manager 5.2.12 - 5.2.13 - Authenticated (Subscriber+) Arbitrary File Upload — Advanced File Manager — Ultimate WordPress File Manager and Document Library PluginCWE-434 7.5 High2025-01-17
CVE-2024-11201 myCred – Loyalty Points and Rewards plugin <= 2.7.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via mycred_send Shortcode — Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCredCWE-79 6.4 Medium2024-12-06
CVE-2024-11391 Advanced File Manager <= 5.2.10 - Authenticated (Subscriber+) Arbitrary File Upload — Advanced File Manager – Ultimate File Manager for WordPress And Document Library SolutionCWE-434 7.5 High2024-12-03
CVE-2024-10187 myCred <= 2.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via mycred_link Shortcode — Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCredCWE-79 6.4 Medium2024-11-08
CVE-2024-8126 Advanced File Manager <= 5.2.8 - Authenticated (Subscriber+) Arbitrary File Upload — Advanced File Manager – Ultimate File Manager for WordPress And Document Library SolutionCWE-434 7.5 High2024-09-26
CVE-2024-8725 Advanced File Manager <= 5.2.8 - Authenticated (Subscriber+) Limited File Upload — Advanced File Manager – Ultimate File Manager for WordPress And Document Library SolutionCWE-434 6.8 Medium2024-09-26
CVE-2024-8704 Advanced File Manager <= 5.2.8 - Authenticated (Administrator+) Local JavaScript File Inclusion via fma_locale — Advanced File Manager – Ultimate File Manager for WordPress And Document Library SolutionCWE-22 7.2 High2024-09-26
CVE-2024-8658 myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification <= 2.7.3 - Missing Authorization to Unauthenticated Database Upgrade — Points Management System For Gamification, Ranks, Badges, and Loyalty Rewards Program – myCredCWE-862 5.3 Medium2024-09-25
CVE-2024-5861 WP Easy Pay (Free) <= 4.2.3 - Missing Authorization to Unauthenticated Service Disconnection — WP Easy Pay – Payment and Donation form Builder for SquareCWE-862 5.3 Medium2024-07-24
CVE-2024-5598 Advanced File Manager <= 5.2.4 - Sensitive Information Exposure via Directory Listing — Advanced File Manager – Ultimate File Manager for WordPress And Document Library SolutionCWE-922 7.5 High2024-06-29
CVE-2024-1639 License Manager for WooCommerce <= 3.0.6 - Improper Authorization to Authenticated(Contributor+) Sensitive Information Exposure — License Manager for WooCommerceCWE-862 6.5 Medium2024-06-21
CVE-2024-5207 POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress <= 2.9.3 - Authenticated (Administrator+) SQL Injection — Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile AppCWE-89 7.2 High2024-05-30

This page lists every published CVE security advisory associated with saadiqbal. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.