Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

solaplugins — Vulnerabilities & Security Advisories 3

Browse all 3 CVE security advisories affecting solaplugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SolaPlugins develops WordPress plugins for enhancing website functionality, with three CVEs recorded in its history. Common vulnerabilities include remote code execution and cross-site scripting, often stemming from insufficient input validation and improper sanitization. The plugins' security characteristics typically involve direct file inclusion and inadequate access controls, though no major public incidents have been documented. Security researchers have identified consistent patterns in vulnerability classes, suggesting potential systemic issues in development practices. The CVEs highlight risks for WordPress administrators using these extensions, particularly those involving unauthenticated or low-privilege user exploitation.

Top products by solaplugins: Nifty Newsletters Super Testimonials Sola Support Ticket
CVE IDTitleCVSSSeverityPublished
CVE-2023-25997 WordPress Sola Support Ticket <= 3.17 - Arbitrary Content Deletion Vulnerability — Sola Support TicketCWE-862 6.5 Medium2025-06-06
CVE-2024-9127 Super Testimonials <= 3.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via alignment Parameter — Super TestimonialsCWE-79 6.4 Medium2024-09-26
CVE-2021-34634 Nifty Newsletters <= 4.0.23 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Nifty NewslettersCWE-352 8.8 High2021-08-05

This page lists every published CVE security advisory associated with solaplugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.