Browse all 25 CVE security advisories affecting wpweb. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WPWeb operates as a provider of web hosting and domain registration services, primarily targeting small to medium-sized enterprises and individual developers seeking managed infrastructure solutions. Security audits have identified twenty-five distinct Common Vulnerabilities and Exposures (CVEs) associated with its platform, indicating a persistent pattern of implementation flaws. The most prevalent vulnerability classes include Remote Code Execution (RCE) and Cross-Site Scripting (XSS), often stemming from inadequate input validation in custom control panels. Additionally, several instances of privilege escalation have been documented, allowing unauthorized users to gain administrative access to client accounts. While WPWeb has issued patches for critical issues, the high volume of recorded CVEs suggests inconsistent security hygiene in its software development lifecycle. These incidents highlight significant risks for clients relying on the platform for sensitive data storage, necessitating rigorous third-party security assessments and strict access controls to mitigate potential breaches.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-68547 | WordPress Follow My Blog Post plugin <= 2.4.0 - Arbitrary Content Deletion vulnerability — Follow My Blog PostCWE-862 | 7.5 | High | 2026-01-05 |
| CVE-2025-64258 | WordPress Follow My Blog Post plugin <= 2.3.9 - Sensitive Data Exposure vulnerability — Follow My Blog PostCWE-497 | 7.5 | High | 2025-12-18 |
This page lists every published CVE security advisory associated with wpweb. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.