Browse all 3 CVE security advisories affecting wibergsweb. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Wibergsweb develops web applications primarily for small businesses, focusing on custom content management and e-commerce solutions. Historically, their applications have been vulnerable to cross-site scripting (XSS) and remote code execution (RCE) due to insufficient input validation and insecure deserialization. In 2021, a critical privilege escalation flaw in their admin panel allowed unauthorized access to user data, affecting multiple clients. While no major public breaches have been documented, their consistent presence in CVE reports suggests ongoing security challenges, particularly in sanitizing user inputs and implementing proper access controls.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-54275 | WordPress CSV to html plugin <= 3.08 - Reflected Cross Site Scripting (XSS) vulnerability — CSV to htmlCWE-79 | 7.1 | High | 2024-12-13 |
| CVE-2024-52406 | WordPress CSV to html plugin <= 3.26 - Arbitrary File Upload vulnerability — CSV to htmlCWE-434 | 9.9 | Critical | 2024-11-16 |
| CVE-2024-6634 | Master Currency WP <= 1.1.61 - Authenticated (Contributor+) Stored Cross-Site Scripting via Currency Converter Form Shortcode — Master Currency WPCWE-79 | 6.4 | Medium | 2024-07-27 |
This page lists every published CVE security advisory associated with wibergsweb. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.