Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

techjewel — Vulnerabilities & Security Advisories 38

Browse all 38 CVE security advisories affecting techjewel. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Techjewel operates primarily as a provider of digital asset management and blockchain infrastructure solutions, facilitating secure transactions and data integrity for enterprise clients. Historically, its software stack has exhibited vulnerabilities typical of complex web applications, with a notable prevalence of Cross-Site Scripting (XSS) and SQL Injection flaws that allow unauthorized data access. Additionally, several instances of Remote Code Execution (RCE) and improper access control mechanisms have been documented, highlighting gaps in input validation and authentication protocols. While no single catastrophic breach has been publicly attributed to the brand, the accumulation of 38 Common Vulnerabilities and Exposures (CVEs) indicates persistent security hygiene issues. These findings suggest that while the core business model is robust, the underlying technical implementation requires rigorous patching and continuous security auditing to mitigate risks associated with privilege escalation and data exfiltration.

Top products by techjewel: Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder Ninja Tables – Easy Data Table Builder Fluent Forms Pro Add On Pack FluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads, and CRM Solution FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider Fluent Booking – The Ultimate Appointments Scheduling, Events Booking, Events Calendar Solution Fluent Support – Helpdesk & Customer Support Ticket System FluentAuth – The Ultimate Authorization & Security Plugin for WordPress
CVE IDTitleCVSSSeverityPublished
CVE-2026-6344 Fluent Forms <= 6.2.1 - Authenticated (Administrator+) Arbitrary File Read via Path Traversal in Email Attachment — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-22 4.9 Medium2026-05-06
CVE-2026-2306 Ninja Tables <= 5.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Table Creation — Ninja Tables – Easy Data Table BuilderCWE-862 4.3 Medium2026-05-06
CVE-2026-4160 Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder <= 6.1.21 - Insecure Direct Object Reference in Stripe SCA Confirmation to Unauthenticated Payment Status Modification — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-639 5.3 Medium2026-04-16
CVE-2026-2231 Fluent Booking <= 2.0.01 - Unauthenticated Stored Cross-Site Scripting via Multiple Parameters — Fluent Booking – The Ultimate Appointments Scheduling, Events Booking, Events Calendar SolutionCWE-79 7.2 High2026-03-26
CVE-2026-2365 Fluent Forms Pro <= 6.1.17 - Unauthenticated Stored Cross-Site Scripting via Draft Form Submission — Fluent Forms Pro Add On PackCWE-79 7.2 High2026-03-05
CVE-2026-2899 Fluent Forms Pro Add On Pack <= 6.1.17 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion — Fluent Forms Pro Add On PackCWE-862 6.5 Medium2026-03-05
CVE-2026-2428 Fluent Forms Pro Add On Pack <= 6.1.17 - Missing Authorization to Unauthenticated Payment Status modification — Fluent Forms Pro Add On PackCWE-345 7.5 High2026-02-27
CVE-2026-0996 Fluent Forms <= 6.1.14 - Authenticated (Subscriber+) Stored Cross-Site Scripting via AI Form Builder Module — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-79 6.4 Medium2026-02-10
CVE-2026-0632 Fluent Forms Pro Add On Pack <= 6.1.12 - Authenticated (Subscriber+) Server-Side Request Forgery via 'saveDataSource' — Fluent Forms Pro Add On PackCWE-918 5.4 Medium2026-02-09
CVE-2025-13722 Fluent Forms <= 6.1.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Form Creation via AI Builder — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-862 5.3 Medium2026-01-07
CVE-2025-13728 FluentAuth - Auth Security Plugin <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'fluent_auth_reset_password' Shortcode — FluentAuth – The Ultimate Authorization & Security Plugin for WordPressCWE-79 6.4 Medium2025-12-15
CVE-2025-13748 Fluent Forms <= 6.1.7 - Unauthenticated Insecure Direct Object Reference to Payment Status Tampering via submission_id — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-639 5.3 Medium2025-12-06
CVE-2025-13756 Fluent Booking – The Ultimate Appointments Scheduling, Events Booking, Events Calendar Solution <= 1.9.11 - Authenticated (Subscriber+) Missing Authorization to Calendar Import and Management — Fluent Booking – The Ultimate Appointments Scheduling, Events Booking, Events Calendar SolutionCWE-862 4.3 Medium2025-12-03
CVE-2025-12935 FluentCRM - Marketing Automation For WordPress <= 2.9.84 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'fluentcrm_content' Shortcode — FluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads, and CRM SolutionCWE-79 6.4 Medium2025-11-21
CVE-2025-9260 Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder 5.1.16 - 6.1.1 - Authenticated (Subscriber+) PHP Object Injection To Arbitrary File Read — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-502 6.5 Medium2025-09-02
CVE-2025-2940 Ninja Tables – Easy Data Table Builder <= 5.0.18 - Unauthenticated Server-Side Request Forgery — Ninja Tables – Easy Data Table BuilderCWE-918 7.2 High2025-06-27
CVE-2025-2939 Ninja Tables – Easy Data Table Builder <= 5.0.18 - Unauthenticated PHP Object Injection to Limited Remote Code Execution — Ninja Tables – Easy Data Table BuilderCWE-502 5.6 Medium2025-06-03
CVE-2025-3615 Fluent Forms <= 6.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-79 6.4 Medium2025-04-17
CVE-2024-13666 Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder <= 5.2.12 - IP-Spoofing — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-20 5.3 Medium2025-03-22
CVE-2024-13568 Fluent Support – Helpdesk & Customer Support Ticket System <= 1.8.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory — Fluent Support – Helpdesk & Customer Support Ticket SystemCWE-200 7.5 High2025-03-01
CVE-2024-10646 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.2.6 - Unauthenticated Stored Cross-Site Scripting via Form Subject — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-79 7.2 High2024-12-14
CVE-2024-9511 FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider <= 2.2.82 - Unauthenticated PHP Object Injection — FluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP ProviderCWE-502 9.8 Critical2024-11-23
CVE-2024-9528 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.19 - Authenticated (Form Manager+) Stored Cross-Site Scripting — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-79 4.9 Medium2024-10-05
CVE-2024-5053 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.18 - Missing Authorization to Authenticated (Subscriber+) Mailchimp Integration Modification — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-285 4.2 Medium2024-09-01
CVE-2024-7304 Ninja Tables – Easiest Data Table Builder <= 5.0.12 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload — Ninja Tables – Easy Data Table BuilderCWE-79 6.4 Medium2024-08-27
CVE-2024-6703 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.19 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Welcome Screen Fields — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-79 4.9 Medium2024-07-27
CVE-2024-6518 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.19 - Authenticated (Administrator+) Stored Cross-Site Scripting — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-79 4.4 Medium2024-07-27
CVE-2024-6520 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.19 - Authenticated (Administrator+) Stored Cross-Site Scripting — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-79 4.4 Medium2024-07-27
CVE-2024-6521 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.19 - Authenticated (Administrator+) Stored Cross-Site Scripting — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-79 4.4 Medium2024-07-27
CVE-2024-4157 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.15 - PHP Object Injection via extractDynamicValues — Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form BuilderCWE-502 7.5 High2024-05-22

This page lists every published CVE security advisory associated with techjewel. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.