Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

weblizar — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting weblizar. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Weblizar develops WordPress themes and plugins primarily for website building and e-commerce solutions. Historically, their products have frequently contained cross-site scripting (XSS) vulnerabilities, remote code execution (RCE) flaws, and privilege escalation issues, often stemming from insufficient input validation and improper access controls. While no major public security incidents have been widely documented, the eight CVEs attributed to Weblizar indicate a pattern of security shortcomings that could allow attackers to compromise websites, steal data, or gain unauthorized administrative access, highlighting the importance of regular updates and security hardening for their products.

Top products by weblizar: User Login Log Plugin Admin Custom Login The School Management – Education & Learning Management Coming Soon Page – Responsive Coming Soon & Maintenance Mode Lightbox slider – Responsive Lightbox Gallery School Management Pro Coming Soon Institute Management – Learning Management System
CVE IDTitleCVSSSeverityPublished
CVE-2026-2714 Institute Management <= 5.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Enquiry Form Title' Setting — Institute Management – Learning Management SystemCWE-79 4.4 Medium2026-04-22
CVE-2024-38756 WordPress Coming Soon Page – Responsive Coming Soon & Maintenance Mode plugin <= 1.6.3 - Sensitive Data Exposure vulnerability — Coming SoonCWE-200 5.3 Medium2024-08-13
CVE-2024-33911 WordPress The School Management Pro plugin <= 10.3.4 - SQL Injection vulnerability — School Management ProCWE-89 7.6 High2024-05-02
CVE-2024-1858 Lightbox slider – Responsive Lightbox Gallery <= 1.9.9 - Authenticated (Contributor+) PHP Object Injection — Lightbox slider – Responsive Lightbox GalleryCWE-502 5.4 Medium2024-03-29
CVE-2022-46849 WordPress Coming Soon Plugin <= 1.5.9 is vulnerable to SQL Injection — Coming Soon Page – Responsive Coming Soon & Maintenance ModeCWE-89 7.6 High2023-11-06
CVE-2022-47430 WordPress The School Management – Education & Learning Management Plugin <= 4.1 is vulnerable to SQL Injection — The School Management – Education & Learning ManagementCWE-89 6.7 Medium2023-11-06
CVE-2017-20056 weblizar User Login Log Plugin Stored cross site scriting — User Login Log PluginCWE-80 3.5 Low2022-06-16
CVE-2021-34628 Admin Custom Login <= 3.2.7 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Admin Custom LoginCWE-352 8.8 High2021-08-02

This page lists every published CVE security advisory associated with weblizar. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.