Browse all 17 CVE security advisories affecting sminozzi. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Sminozzi is a web application framework primarily used for building dynamic websites and web services. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues, accounting for its 17 recorded CVEs. The framework's security characteristics include regular updates addressing critical vulnerabilities, though its widespread adoption has made it a target for exploitation. Notable incidents include several high-severity RCE flaws in versions prior to 3.0, which allowed attackers to execute arbitrary code with minimal user interaction. Despite these issues, Sminozzi remains popular due to its ease of use and extensive documentation, though developers must implement strict input validation and keep installations current to mitigate risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-49273 | WordPress WP Tools plugin <= 5.24 - Cross Site Request Forgery (CSRF) Vulnerability — WP ToolsCWE-352 | 4.3 | Medium | 2025-06-06 |
| CVE-2025-39544 | WordPress WP Tools plugin <= 5.18 - CSRF to Arbitrary File Deletion vulnerability — WP ToolsCWE-352 | 7.4 | High | 2025-04-16 |
This page lists every published CVE security advisory associated with sminozzi. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.