Browse all 3 CVE security advisories affecting wpvncom. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Wpvncom is a WordPress security plugin designed to detect and mitigate vulnerabilities in WordPress websites. Historically, it has been associated with common vulnerability classes including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws. The plugin's security characteristics focus on vulnerability scanning and protection, though it has faced scrutiny for its own security posture. With three CVEs on record, wpvncom has experienced issues related to improper input validation and insufficient access controls, which could potentially allow attackers to bypass security measures or compromise affected systems. These vulnerabilities highlight the importance of regular security updates and thorough testing for WordPress security tools.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-2459 | UX Flat <= 4.4 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode — UX FlatCWE-79 | 7.4 | High | 2024-03-20 |
| CVE-2023-5314 | WP EXtra <= 6.2 - Missing Authorization to Arbitrary Email Sending — WP EXtra – One Click OptimizeCWE-862 | 4.3 | Medium | 2023-11-22 |
| CVE-2023-5311 | WP EXtra <= 6.2 - Missing Authorization to .htaccess File Modification — WP EXtra – One Click OptimizeCWE-862 | 8.8 | High | 2023-10-25 |
This page lists every published CVE security advisory associated with wpvncom. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.