ActivityPub — Vulnerabilities & Security Advisories 6

All 6 CVE vulnerabilities found in ActivityPub, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-4338	ActivityPub Routing < 8.0.2 - Unauthenticated Drafts/Scheduled/Pending Posts Disclosure	5.3^AI	Medium^AI	2026-04-08
CVE-2023-52199	WordPress ActivityPub plugin <= 1.0.5 - Unauthenticated Broken Access Control vulnerability CWE-862	6.5	Medium	2024-06-11
CVE-2023-3706	ActivityPub for WordPress < 1.0.0 - Subscriber+ Arbitrary Post Title Disclosure	4.3	-	2023-10-16
CVE-2023-3746	ActivityPub for WordPress < 1.0.1 - Contributor+ Stored XSS	5.4	-	2023-10-16
CVE-2023-5057	ActivityPub for WordPress < 1.0.0 - Contributor+ Stored XSS	5.4	-	2023-10-16
CVE-2023-3707	ActivityPub for WordPress < 1.0.0 - Subscriber+ Arbitrary Post Content Disclosure	6.5	-	2023-10-16

All 6 known CVE vulnerabilities affecting ActivityPub with full Chinese analysis, references, and POCs where available.