Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

wbcomdesigns — Vulnerabilities & Security Advisories 3

Browse all 3 CVE security advisories affecting wbcomdesigns. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Wbcomdesigns develops WordPress themes and plugins for website creation, with three CVEs recorded. Historically, vulnerabilities include stored cross-site scripting (XSS) and remote code execution (RCE) in their products, often stemming from insufficient input validation and improper sanitization. Security assessments reveal inconsistent access controls and privilege escalation risks in their extensions. While no major public incidents are documented, the CVE pattern suggests ongoing security challenges in their development practices. Their plugins' broad installation base increases potential exposure, making regular updates and security hardening critical for users.

Top products by wbcomdesigns: Wbcom Designs – BuddyPress Group Reviews Wbcom Designs – Custom Font Uploader Wbcom Designs
CVE IDTitleCVSSSeverityPublished
CVE-2025-67582 WordPress Wbcom Designs plugin <= 2.1.1 - Broken Access Control vulnerability — Wbcom DesignsCWE-862 5.3 Medium2025-12-09
CVE-2024-5489 Wbcom Designs - Custom Font Uploader <= 2.3.4 - Missing Authorization to Font Deletion — Wbcom Designs – Custom Font UploaderCWE-862 4.3 Medium2024-06-06
CVE-2022-2108 Wbcom Designs – BuddyPress Group Reviews <= 2.8.3 - Unauthorized AJAX Actions due to Nonce Bypass — Wbcom Designs – BuddyPress Group ReviewsCWE-862 6.5 Medium2022-07-18

This page lists every published CVE security advisory associated with wbcomdesigns. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.