Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

shaonsina — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting shaonsina. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Shaonsina develops web applications and e-commerce platforms, primarily serving small to medium businesses. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure authentication mechanisms. The organization has addressed 11 CVEs to date, with several critical flaws allowing attackers to execute arbitrary code or bypass security controls. While no major public security incidents have been documented, the consistent pattern of vulnerabilities suggests a need for strengthened security development practices across their product lifecycle.

Top products by shaonsina: Sina Extension for Elementor
CVE IDTitleCVSSSeverityPublished
CVE-2025-6229 Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) <= 3.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via `Fancy Text Widget` And `Countdown Widget` — Sina Extension for ElementorCWE-79 6.4 Medium2026-03-23
CVE-2025-6228 Sina Extension for Elementor <= 3.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via `Sina Posts`, `Sina Blog Post` and `Sina Table` Widgets — Sina Extension for ElementorCWE-79 6.4 Medium2025-08-01
CVE-2025-49262 WordPress Sina Extension for Elementor plugin <= 3.6.1 - Cross Site Scripting (XSS) Vulnerability — Sina Extension for ElementorCWE-79 7.6 High2025-06-06
CVE-2025-1517 Sina Extension for Elementor <= 3.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Fancy Text, Countdown Widget, and Login Form Shortcodes — Sina Extension for ElementorCWE-79 6.4 Medium2025-02-26
CVE-2024-12624 Sina Extension for Elementor <= 3.5.91 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Sina Image Differ — Sina Extension for ElementorCWE-79 6.4 Medium2025-01-07
CVE-2024-9540 Sina Extension for Elementor <= 3.5.7 - Authenticated (Contributor+) Sensitive Information Exposure via Sina Modal Box Widget Elementor Template — Sina Extension for ElementorCWE-200 4.3 Medium2024-10-16
CVE-2024-5260 Sina Extension for Elementor <= 3.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via read_more_text Parameter — Sina Extension for ElementorCWE-79 6.4 Medium2024-07-02
CVE-2024-5036 Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) <= 3.5.4 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting — Sina Extension for ElementorCWE-79 6.4 Medium2024-06-20
CVE-2024-4373 Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) <= 3.5.3 - Authenticated (Contributor+) Stored Cross-site Scriping via 'Sina Particle Layer' — Sina Extension for ElementorCWE-79 6.4 Medium2024-05-15
CVE-2024-4333 Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) <= 3.5.3 - Authenticated (Contributor+) DOM-Based Cross-Site Scripting — Sina Extension for ElementorCWE-79 6.4 Medium2024-05-14
CVE-2024-3988 Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) <= 3.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Sina Fancy Text Widget — Sina Extension for ElementorCWE-79 6.4 Medium2024-04-25

This page lists every published CVE security advisory associated with shaonsina. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.