Browse all 22 CVE security advisories affecting wpdevelop. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Wpdevelop is a commercial web development platform designed to facilitate the creation and management of WordPress-based websites, primarily targeting developers and agencies seeking streamlined deployment workflows. Security audits have identified twenty-two distinct Common Vulnerabilities and Exposures (CVEs) associated with the software, highlighting significant risks in its architecture. Historically, these vulnerabilities predominantly manifest as Remote Code Execution (RCE) and Cross-Site Scripting (XSS) flaws, often stemming from insufficient input validation and improper handling of user-supplied data. Additionally, several instances of privilege escalation have been documented, allowing unauthorized users to gain administrative access. While specific major public incidents remain limited in widespread media coverage, the high volume of disclosed CVEs indicates persistent security gaps in authentication mechanisms and file inclusion processes. Organizations utilizing Wpdevelop must prioritize rigorous patch management and continuous monitoring to mitigate these known attack vectors effectively.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-56292 | WordPress Email Reminders Plugin <= 2.0.5 - Cross Site Scripting (XSS) vulnerability — Email RemindersCWE-79 | 5.9 | Medium | 2025-01-07 |
| CVE-2024-11945 | Email Reminders <= 2.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter — Email RemindersCWE-79 | 6.4 | Medium | 2024-12-10 |
This page lists every published CVE security advisory associated with wpdevelop. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.