Browse all 3 CVE security advisories affecting wpseek. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Wpseek is a WordPress security scanner designed to detect vulnerabilities in plugins and themes. Historically, it has commonly identified remote code execution (RCE), cross-site scripting (XSS), and privilege escalation vulnerabilities in WordPress extensions. The tool focuses on automated vulnerability detection by comparing installed components against a database of known issues. Wpseek has documented three CVEs, primarily involving insufficient input validation and improper access controls in WordPress plugins. While no major security incidents have been publicly attributed to the tool itself, its effectiveness depends on regular updates to its vulnerability database and proper configuration by users.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-62965 | WordPress Admin Management Xtended plugin <= 2.5.1 - Broken Access Control vulnerability — Admin Management XtendedCWE-862 | 4.3 | Medium | 2025-10-27 |
| CVE-2025-23906 | WordPress WordPress Dashboard Tweeter plugin <= 1.3.2 - Settings Change vulnerability — WordPress Dashboard TweeterCWE-862 | 6.5 | Medium | 2025-04-17 |
| CVE-2024-49307 | WordPress Admin Management Xtended plugin <= 2.4.6 - Cross Site Scripting (XSS) vulnerability — Admin Management XtendedCWE-79 | 6.5 | Medium | 2024-10-17 |
This page lists every published CVE security advisory associated with wpseek. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.