
sonalsinha21 — Vulnerabilities & Security Advisories (28)

Browse all 28 CVE security advisories affecting sonalsinha21. AI-powered Chinese analysis, POCs, and references for each vulnerability.

sonalsinha21 is primarily associated with web application development, focusing on custom PHP-based solutions and content management systems. Analysis of their twenty-eight recorded Common Vulnerabilities and Exposures (CVEs) reveals a recurring pattern of insecure direct object references and improper access control mechanisms. Cross-site scripting (XSS) and SQL injection flaws also appear frequently, indicating insufficient input validation in deployed code. Notably, several incidents involve privilege escalation vulnerabilities that allow unauthenticated users to gain administrative access, suggesting systemic weaknesses in authentication logic rather than isolated coding errors. The profile lacks major high-profile data breaches but demonstrates a consistent history of mid-severity vulnerabilities affecting user data integrity. This pattern suggests a need for rigorous security auditing and implementation of secure coding standards to mitigate the persistent risks associated with their software architecture.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-54005 | WordPress SKT Page Builder plugin <= 4.9 - Broken Access Control vulnerability | SKT Page Builder | CWE-862 | 4.3 | Medium | 2025-12-16 |
| CVE-2025-7820 | SKT PayPal for WooCommerce <= 1.4 - Unauthenticated Payment Bypass | SKT PayPal for WooCommerce | CWE-602 | 7.5 | High | 2025-11-27 |
| CVE-2025-66090 | WordPress SKT Skill Bar plugin <= 2.5 - Cross Site Scripting (XSS) vulnerability | SKT Skill Bar | CWE-79 | 6.5 | Medium | 2025-11-21 |
| CVE-2025-60138 | WordPress SKT Blocks plugin <= 2.6 - Cross Site Scripting (XSS) vulnerability | SKT Blocks | CWE-79 | 6.5 | Medium | 2025-09-26 |
| CVE-2025-8564 | SKT Addons for Elementor <= 3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets | SKT Addons for Elementor | CWE-79 | 6.4 | Medium | 2025-09-06 |
| CVE-2025-47608 | WordPress Recover abandoned cart for WooCommerce plugin <= 2.5 - SQL Injection Vulnerability | Recover abandoned cart for WooCommerce | CWE-89 | 9.3 | Critical | 2025-06-09 |
| CVE-2025-48270 | WordPress SKT Blocks plugin <= 2.2 - Cross Site Scripting (XSS) Vulnerability | SKT Blocks | CWE-79 | 6.5 | Medium | 2025-05-19 |
| CVE-2025-47482 | WordPress SKT Skill Bar plugin <= 2.4 - Cross Site Scripting (XSS) Vulnerability | SKT Skill Bar | CWE-79 | 6.5 | Medium | 2025-05-07 |
| CVE-2025-46243 | WordPress Recover abandoned cart for WooCommerce plugin <= 2.2 - Cross Site Request Forgery (CSRF) Vulnerability | Recover abandoned cart for WooCommerce | CWE-352 | 4.3 | Medium | 2025-04-22 |
| CVE-2025-46235 | WordPress SKT Blocks – Gutenberg based Page Builder plugin <= 2.0 - Cross Site Scripting (XSS) Vulnerability | SKT Blocks | CWE-79 | 6.5 | Medium | 2025-04-22 |
| CVE-2025-26998 | WordPress SKT Blocks – Gutenberg based Page Builder plugin <= 1.8 - Cross Site Scripting (XSS) vulnerability | SKT Blocks | CWE-79 | 6.5 | Medium | 2025-04-15 |
| CVE-2025-26880 | WordPress SKT Skill Bar plugin <= 2.3 - Cross Site Scripting (XSS) vulnerability | SKT Skill Bar | CWE-79 | 6.5 | Medium | 2025-04-15 |
| CVE-2025-3276 | SKT Blocks – Gutenberg based Page Builder <= 1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting | SKT Blocks – Gutenberg based Page Builder | CWE-79 | 6.4 | Medium | 2025-04-12 |
| CVE-2025-30812 | WordPress SKT Addons for Elementor plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability | SKT Addons for Elementor | CWE-79 | 6.5 | Medium | 2025-03-27 |
| CVE-2025-26771 | WordPress SKT Blocks plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability | SKT Blocks | CWE-79 | 6.5 | Medium | 2025-02-17 |
| CVE-2024-13665 | Admire Extra <= 1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting | Admire Extra | CWE-79 | 6.4 | Medium | 2025-02-12 |
| CVE-2024-13733 | SKT Blocks – Gutenberg based Page Builder <= 1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting | SKT Blocks – Gutenberg based Page Builder | CWE-79 | 6.4 | Medium | 2025-02-04 |
| CVE-2025-24535 | WordPress SKT Donation plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability | SKT Donation | CWE-79 | 7.1 | High | 2025-01-31 |
| CVE-2024-12848 | SKT Page Builder <= 4.6 - Authenticated (Subscriber+) Arbitrary File Upload | SKT Page Builder | CWE-862 | 8.8 | High | 2025-01-09 |
| CVE-2024-37493 | WordPress Posterity theme <= 3.3 - Cross Site Request Forgery (CSRF) vulnerability | Posterity | CWE-352 | 4.3 | Medium | 2025-01-02 |
| CVE-2024-54346 | WordPress Barter theme <= 1.6 - Cross Site Scripting (XSS) vulnerability | Barter | CWE-79 | 6.5 | Medium | 2024-12-13 |
| CVE-2024-54345 | WordPress Bicycleshop theme <= 1.5 - Cross Site Scripting (XSS) vulnerability | Bicycleshop | CWE-79 | 6.5 | Medium | 2024-12-13 |
| CVE-2024-10693 | SKT Addons for Elementor <= 3.3 - Authenticated (Contributor+) Post Disclosure | SKT Addons for Elementor | CWE-639 | 4.3 | Medium | 2024-11-09 |
| CVE-2024-48036 | WordPress SKT Blocks plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability | SKT Blocks | CWE-79 | 6.5 | Medium | 2024-10-17 |
| CVE-2024-43995 | WordPress Posterity theme <= 3.6 - Cross Site Scripting (XSS) vulnerability | Posterity | CWE-79 | 6.5 | Medium | 2024-09-17 |
| CVE-2024-44007 | WordPress SKT Templates – Elementor & Gutenberg templates plugin <= 6.14 - Reflected Cross Site Scripting (XSS) vulnerability | SKT Templates – Elementor & Gutenberg templates | CWE-79 | 7.1 | High | 2024-09-17 |
| CVE-2024-5091 | SKT Addons for Elementor <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Age Gate and Creative Slider Widgets | SKT Addons for Elementor | CWE-79 | 7.4 | High | 2024-06-08 |
| CVE-2024-1337 | SKT Page Builder <= 4.1 - Missing Authorization to Authenticated(Subscriber+) Content Injection | SKT Page Builder | CWE-862 | 4.3 | Medium | 2024-02-20 |

This page lists every published CVE security advisory associated with sonalsinha21. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.