Breaking News WP — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in Breaking News WP, with AI-generated Chinese analysis, references, and POCs.

Vendor: doit

CVE ID	Title	CVSS	Severity	Published
CVE-2026-4280	Breaking News WP <= 1.3 - Missing Authorization to Authenticated (Subscriber+) Local File Inclusion/Read CWE-22	6.5	Medium	2026-04-22
CVE-2025-31751	WordPress Breaking News WP Plugin <= 1.3 - CSRF to Settings Change vulnerability CWE-352	6.5	Medium	2025-04-01
CVE-2025-31750	WordPress Breaking News WP Plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability CWE-79	5.9	Medium	2025-04-01

All 3 known CVE vulnerabilities affecting Breaking News WP with full Chinese analysis, references, and POCs where available.