Browse all 4 CVE security advisories affecting uapp. AI-powered Chinese analysis, POCs, and references for each vulnerability.
uapp is a mobile application development platform enabling businesses to create cross-platform apps without extensive coding. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues due to insufficient input validation and improper access controls. The platform's four recorded CVEs highlight recurring problems in its sandbox implementation and data handling mechanisms. While no major public security incidents have been documented, the consistent pattern of vulnerabilities suggests developers should implement additional security layers and apply patches promptly. uapp's architecture prioritizes convenience over security, requiring careful configuration to mitigate risks associated with its rapid development approach.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-8666 | Testimonial Carousel For Elementor <= 11.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — Testimonial Carousel For ElementorCWE-79 | 6.4 | Medium | 2025-10-25 |
| CVE-2024-2253 | Testimonial Carousel For Elementor <= 10.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Testimonial Carousel For ElementorCWE-79 | 6.4 | Medium | 2024-05-30 |
| CVE-2024-4858 | Testimonial Carousel For Elementor <= 10.2.0 - Missing Authorization to Limited Setting Update — Testimonial Carousel For ElementorCWE-862 | 5.3 | Medium | 2024-05-25 |
| CVE-2024-4698 | Testimonial Carousel For Elementor <= 10.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Testimonial Carousel For ElementorCWE-79 | 6.4 | Medium | 2024-05-18 |
This page lists every published CVE security advisory associated with uapp. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.