Author Avatars List/Block — Vulnerabilities & Security Advisories 4

All 4 CVE vulnerabilities found in Author Avatars List/Block, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-39690	WordPress Author Avatars List/Block plugin <= 2.1.25 - Broken Access Control vulnerability CWE-862	8.1^AI	High^AI	2026-04-08
CVE-2025-22804	WordPress Author Avatars List/Block plugin <= 2.1.23 - Stored Cross Site Scripting (XSS) vulnerability CWE-79	6.5	Medium	2025-01-09
CVE-2024-47370	WordPress Author Avatars List/Block plugin <= 2.1.21 - Cross Site Scripting (XSS) vulnerability CWE-79	6.5	Medium	2024-10-05
CVE-2023-49846	WordPress Author Avatars List/Block Plugin <= 2.1.17 is vulnerable to Cross Site Scripting (XSS) CWE-79	6.5	Medium	2023-12-14

All 4 known CVE vulnerabilities affecting Author Avatars List/Block with full Chinese analysis, references, and POCs where available.