vowelweb 厂商漏洞列表 / CVE 中文分析 15

vowelweb 厂商相关 15 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

该项目是一个开源Web框架，主要用于构建动态网站和应用程序。历史上常见漏洞类型包括远程代码执行、跨站脚本攻击和权限绕过问题。截至最新统计，该框架已记录15条CVE漏洞，其中多数与输入验证不足和会话管理缺陷相关。安全社区多次指出其默认配置存在安全风险，建议开发者及时更新版本并实施严格的安全措施。

上位製品 vowelweb: Ibtana – WordPress Website Builder Ibtana VW Automobile Lite VW Storefront Industrial Lite Sirat VW Pet Shop VW Portfolio VW Education Lite VW School Education VW Fitness VW Photography

CVEs 15

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2026-1834	Ibtana - WordPress Website Builder <= 1.2.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Ibtana – WordPress Website BuilderCWE-80	6.4	Medium	2026-03-31
CVE-2026-32435	WordPress VW Pet Shop theme <= 1.4.7 - Broken Access Control vulnerability — VW Pet ShopCWE-862	5.3	Medium	2026-03-13
CVE-2026-32437	WordPress VW Portfolio theme <= 1.3.3 - Broken Access Control vulnerability — VW PortfolioCWE-862	5.3	Medium	2026-03-13
CVE-2026-32438	WordPress VW School Education theme <= 1.4.6 - Broken Access Control vulnerability — VW School EducationCWE-862	5.3	Medium	2026-03-13
CVE-2026-32434	WordPress VW Fitness theme <= 4.3.4 - Broken Access Control vulnerability — VW FitnessCWE-862	5.3	Medium	2026-03-13
CVE-2026-32436	WordPress VW Photography theme <= 1.3.8 - Broken Access Control vulnerability — VW PhotographyCWE-862	5.3	Medium	2026-03-13
CVE-2026-32427	WordPress VW Education Lite plugin <= 2.2.0 - Broken Access Control vulnerability — VW Education LiteCWE-862	5.3	Medium	2026-03-13
CVE-2025-39385	WordPress Sirat theme <= 1.5.1 - Broken Access Control vulnerability — SiratCWE-862	4.3	Medium	2025-04-24
CVE-2025-26955	WordPress Industrial Lite theme <= 1.0.8 - Broken Access Control vulnerability — Industrial LiteCWE-862	4.3	Medium	2025-04-15
CVE-2024-13686	VW Storefront <= 0.9.9 - Missing Authorization to Authenticated (Subscriber+) Settings Reset — VW StorefrontCWE-862	4.3	Medium	2025-03-04
CVE-2024-56234	WordPress VW Automobile Lite theme <= 2.1 - Broken Access Control vulnerability — VW Automobile LiteCWE-862	5.4	Medium	2024-12-31
CVE-2024-37123	WordPress Ibtana – WordPress Website Builder plugin <= 1.2.3.3 - Broken Access Control vulnerability — IbtanaCWE-862	5.3	Medium	2024-11-01
CVE-2024-8282	Ibtana – WordPress Website Builder <= 1.2.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Attribute — Ibtana – WordPress Website BuilderCWE-79	6.4	Medium	2024-10-02
CVE-2024-5541	Ibtana - WordPress Website Builder <= 1.2.3.3 - Unauthenticated reCAPTCHA Settings Update — Ibtana – WordPress Website BuilderCWE-862	5.3	Medium	2024-06-18
CVE-2023-6684	Ibtana – WordPress Website Builder <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Ibtana – WordPress Website BuilderCWE-79	6.4	Medium	2024-01-11

本页汇总了 vowelweb 厂商截至目前公开的全部 15 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目標達成 すべての支援者に感謝 — 100%達成しました！

vowelweb 厂商漏洞列表 / CVE 中文分析 15

目標達成すべての支援者に感謝 — 100%達成しました！