Browse all 5 CVE security advisories affecting slackero. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Slackero is a team collaboration platform designed for real-time communication and file sharing. Historically, it has been susceptible to various vulnerability classes including remote code execution, cross-site scripting, and privilege escalation flaws. The platform has addressed multiple security incidents, with five CVEs documented to date. Notable characteristics include its extensive third-party integration ecosystem, which can introduce additional attack surfaces, and its public-facing nature that increases exposure to web-based threats. Security researchers have identified issues in both the core platform and its plugins, highlighting the importance of regular updates and access controls for maintaining a secure environment.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-5499 | slackero phpwcms image_resized.php getimagesize deserialization — phpwcmsCWE-502 | 7.3 | High | 2025-06-03 |
| CVE-2025-5498 | slackero phpwcms Custom Source Tab cnt21.readform.inc.php is_file deserialization — phpwcmsCWE-502 | 5.5 | Medium | 2025-06-03 |
| CVE-2025-5497 | slackero phpwcms Feedimport processing.inc.php deserialization — phpwcmsCWE-502 | 6.3 | Medium | 2025-06-03 |
| CVE-2021-4301 | slackero phpwcms sql injection — phpwcmsCWE-89 | 6.3 | Medium | 2023-01-07 |
| CVE-2021-4302 | slackero phpwcms SVG File cross site scripting — phpwcmsCWE-79 | 3.5 | Low | 2023-01-04 |
This page lists every published CVE security advisory associated with slackero. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.