Browse all 6 CVE security advisories affecting winkm89. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Winkm89 is a security researcher focused on identifying vulnerabilities in web applications and enterprise software, with six CVEs primarily related to remote code execution and cross-site scripting flaws. Their research often targets authentication bypasses and privilege escalation weaknesses in widely used platforms. While no major public incidents are directly attributed to winkm89, their contributions highlight persistent security gaps in commercial software. The researcher's work consistently demonstrates how improper input validation and insecure direct object references can lead to complete system compromise, emphasizing the need for robust coding practices and thorough security testing in development lifecycles.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-22483 | WordPress teachPress plugin <= 9.0.12 - Cross Site Request Forgery (CSRF) vulnerability — teachPressCWE-352 | 5.4 | Medium | 2026-01-22 |
| CVE-2026-22353 | WordPress teachPress plugin <= 9.0.12 - Cross Site Scripting (XSS) vulnerability — teachPressCWE-79 | 6.5 | Medium | 2026-01-22 |
| CVE-2025-12173 | WP Admin Microblog <= 3.1.1 - Cross-Site Request Forgery to Message Creation — WP Admin MicroblogCWE-352 | 4.3 | Medium | 2025-11-18 |
| CVE-2025-32149 | WordPress teachPress plugin <= 9.0.11 - SQL Injection vulnerability — teachPressCWE-89 | 8.5 | High | 2025-04-04 |
| CVE-2025-1320 | teachPress <= 9.0.9 - Cross-Site Request Forgery to Import Delete — teachPressCWE-352 | 4.3 | Medium | 2025-03-25 |
| CVE-2025-1321 | teachPress <= 9.0.7 - Authenticated (Contributor+) SQL Injection — teachPressCWE-89 | 6.5 | Medium | 2025-03-04 |
This page lists every published CVE security advisory associated with winkm89. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.