Browse all 9 CVE security advisories affecting simplepress. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SimplePress is a lightweight WordPress forum plugin designed to add discussion board functionality to websites. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with nine CVEs recorded. These flaws often stem from insufficient input validation and improper access controls. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities in a relatively small codebase suggests ongoing security challenges that require careful maintenance and prompt updates by users implementing the plugin.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-31386 | WordPress Simple:Press plugin <= 6.11.5 - Broken Access Control vulnerability — Simple:PressCWE-862 | 5.3 | Medium | 2025-03-31 |
This page lists every published CVE security advisory associated with simplepress. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.