Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

yonifre — Vulnerabilities & Security Advisories 10

Browse all 10 CVE security advisories affecting yonifre. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Yonifre is a software application primarily used for network monitoring and system administration, with its core functionality focused on remote device management. Historically, it has been associated with multiple critical vulnerabilities, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation issues, accounting for its 10 recorded CVEs. The application's security posture has been characterized by insufficient input validation and authentication weaknesses, leading to several high-severity exploits in production environments. Notable incidents include unauthorized access scenarios where attackers leveraged unpatched RCE flaws to compromise entire network segments, highlighting persistent security challenges in its design and maintenance.

Top products by yonifre: Maspik – Spam Blacklist Maspik – Ultimate Spam Protection Lenix scss compiler Lenix Leads Collector
CVE IDTitleCVSSSeverityPublished
CVE-2025-60145 WordPress Lenix scss compiler Plugin <= 1.2 - Cross Site Request Forgery (CSRF) Vulnerability — Lenix scss compilerCWE-352 4.3 Medium2025-09-26
CVE-2025-60144 WordPress Lenix scss compiler Plugin <= 1.2 - Cross Site Scripting (XSS) Vulnerability — Lenix scss compilerCWE-79 5.9 Medium2025-09-26
CVE-2025-9888 Maspik <= 2.5.6 - Cross-Site Request Forgery — Maspik – Ultimate Spam ProtectionCWE-352 4.3 Medium2025-09-10
CVE-2025-9979 Maspik <= 2.5.6 - Authenticated (Subscriber+) Missing Authorization to Spam Log Export — Maspik – Ultimate Spam ProtectionCWE-862 4.3 Medium2025-09-10
CVE-2025-1039 Lenix Elementor Leads addon <= 1.8.2 - Unauthenticated Stored Cross-Site Scripting via URL Form Field — Lenix Leads CollectorCWE-79 7.2 High2025-02-20
CVE-2024-53806 WordPress Maspik plugin <= 2.2.7 - CSRF to Settings Change vulnerability — Maspik – Spam blacklistCWE-862 5.4 Medium2024-12-06
CVE-2023-48271 WordPress Maspik – Spam Blacklist plugin <= 0.10.3 - IP Filtering Bypass vulnerability — Maspik – Spam blacklistCWE-290 5.3 Medium2024-06-04
CVE-2024-25101 WordPress Maspik – Spam blacklist Plugin <= 0.10.6 is vulnerable to Cross Site Scripting (XSS) — Maspik – Spam BlacklistCWE-79 5.9 Medium2024-03-13
CVE-2023-48272 WordPress Maspik – Spam blacklist Plugin <= 0.9.2 is vulnerable to Cross Site Scripting (XSS) — Maspik – Spam BlacklistCWE-79 7.1 High2023-11-30
CVE-2023-24008 WordPress Maspik – Spam blacklist Plugin <= 0.7.8 is vulnerable to Cross Site Request Forgery (CSRF) — Maspik – Spam BlacklistCWE-352 4.3 Medium2023-05-26

This page lists every published CVE security advisory associated with yonifre. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.