Browse all 3 CVE security advisories affecting webdzier. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Webdzier is a web application framework primarily used for building dynamic websites and web services. Historically, it has been susceptible to multiple vulnerability classes including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation, with three CVEs currently documented. The framework's security characteristics include potential risks from improper input validation and insufficient access controls. While no major public security incidents have been widely reported, the existing CVEs indicate consistent security challenges that require careful implementation and regular updates to mitigate potential exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-11501 | Gallery <= 1.3 - Authenticated (Contributor+) PHP Object Injection — GalleryCWE-502 | 8.8 | High | 2024-12-07 |
| CVE-2024-43991 | WordPress Hotel Galaxy theme <= 4.4.24 - Cross Site Scripting (XSS) vulnerability — Hotel GalaxyCWE-79 | 6.5 | Medium | 2024-09-17 |
| CVE-2023-23871 | WordPress Button Plugin <= 1.1.23 is vulnerable to Cross Site Scripting (XSS) — ButtonCWE-79 | 5.9 | Medium | 2023-08-10 |
This page lists every published CVE security advisory associated with webdzier. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.