Browse all 4 CVE security advisories affecting wpfeedback. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Wpfeedback is a WordPress plugin designed to collect and manage user feedback through forms and comments. Historically, it has been vulnerable to multiple security issues, including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation vulnerabilities. The plugin's handling of user input and file uploads has frequently led to security flaws. With four CVEs recorded, wpfeedback has demonstrated recurring security weaknesses, particularly in input validation and access control. While no major public incidents have been widely documented, its vulnerability history suggests consistent security challenges that require careful implementation and regular updates by site administrators.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-12104 | Visual Website Collaboration, Feedback & Project Management – Atarim <= 4.0.9 - Missing Authorization to Authenticated (Subscriber+) Project Page/File Deletion — Atarim – Visual Feedback, Review & AI CollaborationCWE-862 | 5.3 | Medium | 2025-01-21 |
| CVE-2024-7621 | Visual Website Collaboration, Feedback & Project Management – Atarim <= 4.0.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update — Atarim – Visual Feedback, Review & AI CollaborationCWE-862 | 5.4 | Medium | 2024-08-10 |
| CVE-2024-2793 | Visual Website Collaboration, Feedback & Project Management – Atarim <= 3.30 - Unauthenticated Stored Cross-Site Scripting — Atarim – Visual Feedback, Review & AI CollaborationCWE-79 | 7.2 | High | 2024-05-31 |
| CVE-2024-2038 | Visual Website Collaboration, Feedback & Project Management – Atarim <= 3.22.6 - Hardcoded Credentials — Atarim – Visual Feedback, Review & AI CollaborationCWE-259 | 7.5 | High | 2024-05-23 |
This page lists every published CVE security advisory associated with wpfeedback. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.