Browse all 15 CVE security advisories affecting wpkube. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WPKube is a WordPress resource hub providing tutorials, plugins, and themes to enhance website functionality. Historically, its offerings have been associated with multiple security vulnerabilities, including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws. The platform has recorded 15 CVEs, with several critical issues allowing attackers to bypass security controls, execute arbitrary code, or gain unauthorized administrative access. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities in its extensions suggests potential risks for users implementing these resources without proper hardening or regular updates.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-12010 | Authors List <= 2.0.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Limited Method Call in Plugin's Shortcode — Authors ListCWE-200 | 6.5 | Medium | 2025-11-11 |
| CVE-2025-58792 | WordPress Authors List plugin <= 2.0.6.2 - Cross Site Request Forgery (CSRF) vulnerability — Authors ListCWE-352 | 4.3 | Medium | 2025-09-05 |
| CVE-2024-13806 | Authors List <= 2.0.6 - Unauthenticated Arbitrary Shortcode Execution — Authors ListCWE-94 | 6.5 | Medium | 2025-03-01 |
| CVE-2024-10952 | Authors List <= 2.0.4 - Unauthenticated Arbitrary Shortcode Execution via update_authors_list_ajax — Authors ListCWE-94 | 7.3 | High | 2024-12-04 |
| CVE-2023-37981 | WordPress Authors List Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS) — Authors ListCWE-79 | 7.1 | High | 2023-07-27 |
This page lists every published CVE security advisory associated with wpkube. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.