Browse all 5 CVE security advisories affecting wppool. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WPPOOL is a WordPress resource provider offering themes, plugins, and tutorials for website development. Historically, their products have been associated with multiple security vulnerabilities, including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation issues. These vulnerabilities often stem from insufficient input validation, insecure direct object references, and inadequate access controls. While no major public security incidents have been widely documented, the five CVEs attributed to WPPOOL highlight ongoing security concerns in their ecosystem. Their plugins and themes, while popular, have occasionally contained flaws that could allow attackers to compromise websites, underscoring the importance of regular security audits and updates for users of their products.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-34375 | WordPress Sheets to WP Table Live Sync plugin <= 3.7.0 - Cross Site Scripting (XSS) vulnerability — Sheets To WP Table Live SyncCWE-79 | 5.9 | Medium | 2024-05-06 |
| CVE-2023-26535 | WordPress Sheets To WP Table Live Sync Plugin <= 2.12.15 is vulnerable to Cross Site Request Forgery (CSRF) — Sheets To WP Table Live SyncCWE-352 | 5.4 | Medium | 2023-11-22 |
This page lists every published CVE security advisory associated with wppool. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.