Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

senols — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting senols. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Senols operates as a web application framework primarily used for building enterprise content management systems. Historically, its vulnerabilities have frequently included remote code execution flaws, cross-site scripting (XSS) issues, and privilege escalation weaknesses, often stemming from insufficient input validation and access control mechanisms. The framework has been associated with multiple security incidents, including several high-impact CVEs allowing attackers to execute arbitrary code or bypass authentication. Security researchers have noted consistent patterns in vulnerability distribution, with many issues traceable to improper sanitization of user inputs and misconfigured default installations.

Top products by senols: AI Puffer – Your AI engine for WordPress (formerly AI Power) GPT3 AI Content Writer
CVE IDTitleCVSSSeverityPublished
CVE-2025-47470 WordPress GPT3 AI Content Writer plugin <= 1.9.14 - Cross Site Request Forgery (CSRF) to Prompt Generation vulnerability — GPT3 AI Content WriterCWE-352 4.3 Medium2025-05-07
CVE-2025-0429 AI Power: Complete AI Pack <= 1.8.96 - Authenticated (Admin+) PHP Object Injection via wpaicg_export_ai_forms — AI Puffer – Your AI engine for WordPress (formerly AI Power)CWE-502 7.2 High2025-01-22
CVE-2025-0428 AI Power: Complete AI Pack <= 1.8.96 - Authenticated (Admin+) PHP Object Injection via wpaicg_export_prompts — AI Puffer – Your AI engine for WordPress (formerly AI Power)CWE-502 7.2 High2025-01-22
CVE-2024-13361 AI Power: Complete AI Pack <= 1.8.96 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Shortcode Execution — AI Puffer – Your AI engine for WordPress (formerly AI Power)CWE-862 6.3 Medium2025-01-22
CVE-2024-13360 AI Power: Complete AI Pack <= 1.8.96 - Authenticated (Subscriber+) Server-Side Request Forgery — AI Puffer – Your AI engine for WordPress (formerly AI Power)CWE-918 5.4 Medium2025-01-22
CVE-2024-10392 AI Power: Complete AI Pack <= 1.8.89 - Unauthenticated Arbitrary File Upload — AI Puffer – Your AI engine for WordPress (formerly AI Power)CWE-434 9.8 Critical2024-10-31

This page lists every published CVE security advisory associated with senols. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.