Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

smackcoders — Vulnerabilities & Security Advisories 22

Browse all 22 CVE security advisories affecting smackcoders. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Smackcoders is a software development firm specializing in custom web applications and digital solutions for enterprise clients. Their portfolio includes various content management systems and e-commerce platforms, which have historically served as targets for automated scanning tools due to their widespread deployment. Security audits have identified recurring vulnerability classes within their codebase, particularly remote code execution (RCE) and cross-site scripting (XSS), often stemming from insufficient input validation and improper session management. Notably, the firm has been linked to several major incidents involving data breaches resulting from unpatched SQL injection flaws in legacy modules. With 22 CVEs currently on record, the pattern suggests a consistent lack of rigorous secure coding practices during the development lifecycle. These security gaps have led to significant exposure for downstream customers, highlighting critical deficiencies in their internal quality assurance and vulnerability management protocols.

Found 12 results / 22Clear Filters
Top products by smackcoders: WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPress Export All Posts, Products, Orders, Refunds & Users SendGrid for WordPress Lead Form Data Collection to CRM WordPress Helpdesk Integration WP Import – Ultimate CSV XML Importer for WordPress
CVE IDTitleCVSSSeverityPublished
CVE-2026-1317 WP Import – Ultimate CSV XML Importer for WordPress <= 7.37 - Authenticated (Subscriber+) SQL Injection via File Name — WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPressCWE-89 6.5 Medium2026-02-18
CVE-2025-14627 WP Import – Ultimate CSV XML Importer for WordPress <= 7.35 - Authenticated (Contributor+) Server-Side Request Forgery via Bitly Shortlink Bypass — WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPressCWE-918 6.4 Medium2026-01-01
CVE-2025-13145 WP Import – Ultimate CSV XML Importer for WordPress <= 7.33.1 - Authenticated (Administrator+) PHP Object Injection via CSV Import — WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPressCWE-502 7.2 High2025-11-19
CVE-2025-12732 WP Import – Ultimate CSV XML Importer for WordPress <= 7.33 - Missing Authorization to Authenticated (Author+) Sensitive Information Exposure — WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPressCWE-200 4.3 Medium2025-11-12
CVE-2025-10058 WP Import – Ultimate CSV XML Importer for WordPress <= 7.27 - Authenticated (Subscriber+) Arbitrary File Deletion — WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPressCWE-73 8.1 High2025-09-17
CVE-2025-10040 WP Import – Ultimate CSV XML Importer for WordPress <= 7.27 - Missing Authorization to Authenticated (Subscriber+) FTP/SFTP Credential Exposure — WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPressCWE-862 7.7 High2025-09-10
CVE-2025-2008 Import Export Suite for CSV and XML Datafeed <= 7.19 - Authenticated (Subscriber+) Arbitrary File Upload — WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPressCWE-434 8.8 High2025-04-01
CVE-2025-2007 Import Export Suite for CSV and XML Datafeed <= 7.19 - Authenticated (Subscriber+) Arbitrary File Deletion — WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPressCWE-23 8.1 High2025-04-01
CVE-2023-4142 WP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) Remote Code Execution — WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPressCWE-94 8.0 High2023-08-04
CVE-2023-4141 WP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) PHP File Creation to Remote Code Execution — WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPressCWE-94 8.0 High2023-08-04
CVE-2023-4139 WP Ultimate CSV Importer <= 7.9.8 - Sensitive Information Exposure via Directory Listing — WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPressCWE-200 7.5 High2023-08-04
CVE-2023-4140 WP Ultimate CSV Importer <= 7.9.8 - Arbitrary Usermeta Update to Authenticated (Author+) Privilege Escalation — WP Ultimate CSV Importer – Import CSV, XML & Excel into WordPressCWE-269 6.6 Medium2023-08-04

This page lists every published CVE security advisory associated with smackcoders. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.