Browse all 4 CVE security advisories affecting yudiz. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Yudiz develops custom web and mobile applications, primarily serving enterprise clients with digital transformation solutions. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and misconfigured access controls. While no major public security incidents have been documented, the four CVEs associated with their codebase highlight recurring issues in authentication mechanisms and insecure data handling. Their applications typically process sensitive user data, making proper security controls critical. The company's focus on rapid development may occasionally lead to security oversights, though they have demonstrated responsiveness in addressing reported vulnerabilities through patch releases.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-11994 | Easy Email Subscription <= 1.3 - Unauthenticated Stored Cross-Site Scripting — Easy Email Subscription (CWE-79) | 7.2 | High | 2025-11-12 |
| CVE-2025-10691 | Easy Email Subscription <= 1.3 - Cross-Site Request Forgery to Arbitrary Subscriber Deletion — Easy Email Subscription (CWE-352) | 4.3 | Medium | 2025-11-06 |
| CVE-2025-10683 | Easy Email Subscription <= 1.3 - Authenticated (Admin+) SQL Injection via uid — Easy Email Subscription (CWE-89) | 4.9 | Medium | 2025-11-06 |
| CVE-2023-2237 | WP Replicate Post <= 4.0.2 - Authenticated (Contributor+) SQL Injection — WP Replicate Post (CWE-89) | 8.8 | High | 2023-06-09 |

This page lists every published CVE security advisory associated with yudiz. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.