Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

wpshuffle — Vulnerabilities & Security Advisories 10

Browse all 10 CVE security advisories affecting wpshuffle. AI-powered Chinese analysis, POCs, and references for each vulnerability.

wpshuffle is a WordPress plugin designed to shuffle post content for content variation purposes. Historically, it has been vulnerable to multiple security issues, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation vulnerabilities. These flaws often stem from insufficient input validation and improper access controls. The plugin has accumulated 10 CVEs, indicating a pattern of security weaknesses. While no major public incidents have been widely documented, the consistent discovery of vulnerabilities suggests potential risks for unpatched installations. Users are advised to maintain updated versions and implement additional security measures to mitigate potential exploitation.

Top products by wpshuffle: Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin Subscribe to Download Subscribe To Unlock WP Subscription Forms PRO
CVE IDTitleCVSSSeverityPublished
CVE-2026-1296 Frontend Post Submission Manager Lite <= 1.2.7 - Unauthenticated Open Redirect via 'requested_page' Parameter — Frontend Post Submission Manager Lite – Frontend Posting WordPress PluginCWE-601 6.1 Medium2026-02-18
CVE-2025-14913 Frontend Post Submission Manager Lite <= 1.2.6 - Incorrect Authorization to Unauthenticated Arbitrary Attachment Deletion — Frontend Post Submission Manager Lite – Frontend Posting WordPress PluginCWE-862 5.3 Medium2025-12-25
CVE-2025-14080 Frontend Post Submission Manager Lite <= 1.2.5 - Missing Authorization to Unauthenticated Arbitrary Post Modification — Frontend Post Submission Manager Lite – Frontend Posting WordPress PluginCWE-862 5.3 Medium2025-12-21
CVE-2025-60224 WordPress Subscribe to Download plugin <= 2.0.9 - PHP Object Injection vulnerability — Subscribe to DownloadCWE-502 9.8 Critical2025-10-22
CVE-2025-60166 WordPress WP Subscription Forms PRO Plugin <= 2.0.5 - Arbitrary Content Deletion Vulnerability — WP Subscription Forms PROCWE-862 4.3 Medium2025-09-26
CVE-2025-60153 WordPress Subscribe To Unlock Plugin <= 1.1.5 - Local File Inclusion Vulnerability — Subscribe To UnlockCWE-98 7.5 High2025-09-26
CVE-2025-60150 WordPress Subscribe to Download plugin <= 2.0.9 - Local File Inclusion vulnerability — Subscribe to DownloadCWE-98 7.5 High2025-09-26
CVE-2025-60152 WordPress Subscribe To Unlock Plugin <= 1.1.5 - Broken Access Control Vulnerability — Subscribe To UnlockCWE-862 4.3 Medium2025-09-26
CVE-2025-60148 WordPress Subscribe to Download plugin <= 2.0.9 - Broken Access Control vulnerability — Subscribe to DownloadCWE-862 4.3 Medium2025-09-26
CVE-2024-8427 Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin <= 1.2.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update — Frontend Post Submission Manager Lite – Frontend Posting WordPress PluginCWE-862 4.3 Medium2024-09-06

This page lists every published CVE security advisory associated with wpshuffle. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.