Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

wpeka-club — Vulnerabilities & Security Advisories 4

Browse all 4 CVE security advisories affecting wpeka-club. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Wpeka-club is a WordPress plugin primarily used for creating and managing membership sites with subscription-based content access. Historically, it has been associated with multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues, often stemming from insufficient input validation and improper access controls. The plugin's security posture has been compromised multiple times, with four CVEs recorded to date, highlighting recurring problems in sanitization and authentication mechanisms. These vulnerabilities have allowed attackers to execute arbitrary code, steal session cookies, and elevate privileges to administrative levels, posing significant risks to affected websites.

Top products by wpeka-club: WP AdCenter – Ad Manager & Adsense Ads SurveyFunnel – Survey Plugin for WordPress
CVE IDTitleCVSSSeverityPublished
CVE-2025-13006 SurveyFunnel – Survey Plugin for WordPress <= 1.1.5 - Unauthenticated Information Exposure — SurveyFunnel – Survey Plugin for WordPressCWE-200 5.3 Medium2025-12-05
CVE-2025-12417 SurveyFunnel – Survey Plugin for WordPress <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — SurveyFunnel – Survey Plugin for WordPressCWE-79 6.4 Medium2025-12-05
CVE-2024-10113 WP AdCenter – Ad Manager & Adsense Ads <= 2.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpadcenter_ad Shortcode — WP AdCenter – Ad Manager & Adsense AdsCWE-79 6.4 Medium2024-11-15
CVE-2024-8317 WP AdCenter – Ad Manager & Adsense Ads <= 2.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ad_alignment Attribute — WP AdCenter – Ad Manager & Adsense AdsCWE-79 6.4 Medium2024-09-06

This page lists every published CVE security advisory associated with wpeka-club. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.