Browse all 3 CVE security advisories affecting sureshdsk. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Sureshdsk develops web applications and APIs primarily for business process automation, with three CVEs recorded for RCE and XSS vulnerabilities in their authentication systems. Historically, their codebase has shown patterns of insufficient input validation and improper session management, leading to remote code execution and cross-site scripting flaws. While no major public security incidents have been documented, their vulnerabilities consistently center on broken access control and insecure deserialization, suggesting systemic issues in secure coding practices. The absence of high-impact incidents may reflect limited exploitation rather than robust security, given the recurring low-to-medium severity flaws in their authentication and data processing components.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-28928 | WordPress Are you robot google recaptcha for Wordpress plugin <= 2.2 - Reflected Cross Site Scripting (XSS) vulnerability — Are you robot google recaptcha for wordpressCWE-79 | 7.1 | High | 2025-03-26 |
This page lists every published CVE security advisory associated with sureshdsk. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.