Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

voidCoders — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting voidCoders. AI-powered Chinese analysis, POCs, and references for each vulnerability.

voidCoders develops security testing tools and penetration testing services, primarily targeting web applications and network infrastructure. Historically, their vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation flaws. Their tools often contain insufficient input validation and improper access controls. voidCoders has been associated with multiple high-impact vulnerabilities in their flagship products, including one critical flaw that allowed unauthorized system compromise in 2022. Their codebase frequently exhibits poor sanitization practices and insecure default configurations. The group maintains six CVE records, with several remaining unpatched in legacy versions. Their testing methodologies have been criticized for introducing new security risks during assessment processes.

Top products by voidCoders: Void Contact Form 7 Widget For Elementor Page Builder WPBakery Visual Composer WHMCS Elements Innovs WPBakery Visual Composer WHMCS Elements
CVE IDTitleCVSSSeverityPublished
CVE-2025-68574 WordPress WPBakery Visual Composer WHMCS Elements plugin <= 1.0.4.3 - Cross Site Scripting (XSS) vulnerability — WPBakery Visual Composer WHMCS ElementsCWE-79 5.9 Medium2025-12-24
CVE-2025-47659 WordPress WPBakery Visual Composer WHMCS Elements plugin <= 1.0.4.3 - Cross Site Scripting (XSS) vulnerability — WPBakery Visual Composer WHMCS ElementsCWE-79 6.5 Medium2025-05-07
CVE-2024-10172 WPBakery Visual Composer WHMCS Elements <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via void_wbwhmcse_laouts_search Shortcode — Innovs WPBakery Visual Composer WHMCS ElementsCWE-79 6.4 Medium2024-11-21
CVE-2024-43291 WordPress Void Contact Form 7 Widget For Elementor Page Builder plugin <= 2.4.1 - Cross Site Scripting (XSS) vulnerability — Void Contact Form 7 Widget For Elementor Page BuilderCWE-79 5.9 Medium2024-08-18
CVE-2023-52214 WordPress Void Contact Form 7 Widget For Elementor Page Builder plugin <= 2.3 - Broken Access Control vulnerability — Void Contact Form 7 Widget For Elementor Page BuilderCWE-862 4.3 Medium2024-03-26
CVE-2022-47166 WordPress Void Contact Form 7 Widget For Elementor Page Builder Plugin <= 2.1.1 is vulnerable to Cross Site Request Forgery (CSRF) — Void Contact Form 7 Widget For Elementor Page BuilderCWE-352 4.3 Medium2023-03-13

This page lists every published CVE security advisory associated with voidCoders. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.