Browse all 11 CVE security advisories affecting unfoldwp. AI-powered Chinese analysis, POCs, and references for each vulnerability.
UnfoldWP is a WordPress plugin that enables users to create interactive, animated content for websites. Historically, it has been associated with multiple critical vulnerabilities, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation issues. These vulnerabilities often stem from insufficient input validation and improper access controls. With 11 CVEs recorded, the plugin has faced repeated security concerns, including instances where flaws allowed attackers to execute arbitrary code or compromise user accounts. Despite updates, the persistent pattern of vulnerabilities suggests ongoing challenges in secure development practices, making it a notable concern for WordPress administrators who prioritize security.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-49278 | WordPress Blogty theme <= 1.0.11 - Local File Inclusion Vulnerability — BlogtyCWE-98 | 8.1 | High | 2025-06-09 |
This page lists every published CVE security advisory associated with unfoldwp. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.