tainacan — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting tainacan. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tainacan is an open-source repository management system designed for digital collections and metadata management. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The platform's 14 recorded CVEs highlight consistent weaknesses in input validation, access control, and file handling. While no major public security incidents have been documented, the recurring nature of these vulnerabilities suggests potential risks for organizations handling sensitive digital assets. Implementers should prioritize hardening configurations and applying security patches to mitigate risks associated with these common web application vulnerabilities.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-14043 | Tainacan <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Metadata Section Creation | Tainacan | CWE-862 | 5.3 | Medium | 2025-12-21 |
| CVE-2025-12747 | Tainacan <= 1.0.0 - Unauthenticated Information Exposure | Tainacan | CWE-552 | 5.3 | Medium | 2025-11-21 |
| CVE-2025-12746 | Tainacan <= 1.0.0 - Reflected Cross-Site Scripting | Tainacan | CWE-79 | 6.1 | Medium | 2025-11-21 |
| CVE-2025-47512 | WordPress Tainacan plugin <= 0.21.14 - Arbitrary File Deletion vulnerability | Tainacan | CWE-22 | 8.6 | High | 2025-05-23 |
| CVE-2025-26919 | WordPress Tainá plugin <= 0.2.2 - Cross Site Scripting (XSS) vulnerability | Tainá | CWE-79 | 6.5 | Medium | 2025-04-15 |
| CVE-2024-13236 | Tainacan <= 0.21.12 - Authenticated (Subscriber+) SQL Injection | Tainacan | CWE-89 | 6.5 | Medium | 2025-01-23 |
| CVE-2024-48040 | WordPress Tainacan plugin <= 0.21.8 - SQL Injection vulnerability | Tainacan | CWE-89 | 8.5 | High | 2024-10-11 |
| CVE-2024-9221 | Tainacan <= 0.21.10 - Reflected Cross-Site Scripting | Tainacan | CWE-79 | 6.1 | Medium | 2024-10-11 |
| CVE-2024-7135 | Tainacan <= 0.21.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Read | Tainacan | CWE-862 | 6.5 | Medium | 2024-07-31 |
| CVE-2024-30529 | WordPress Tainacan plugin <= 0.20.7 - Broken Access Control vulnerability | Tainacan | CWE-862 | 5.3 | Medium | 2024-06-09 |
| CVE-2024-34794 | WordPress Tainacan plugin <= 0.21.3 - Cross Site Scripting (XSS) vulnerability | Tainacan | CWE-79 | 7.1 | High | 2024-06-03 |
| CVE-2024-34795 | WordPress Tainacan plugin <= 0.21.3 - Cross Site Scripting (XSS) vulnerability | Tainacan | CWE-79 | 6.5 | Medium | 2024-06-03 |
| CVE-2024-3867 | Tainacan Interface <= 2.7.2 - Reflected Cross-Site Scripting | Tainacan Interface | CWE-79 | 6.1 | Medium | 2024-04-16 |
| CVE-2024-1435 | WordPress Tainacan plugin <= 0.20.6 - Sensitive Data Exposure via Log File vulnerability | Tainacan | CWE-201 | 5.3 | Medium | 2024-02-29 |

This page lists every published CVE security advisory associated with tainacan. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.