All 4 CVE vulnerabilities found in Contact Manager, with AI-generated Chinese analysis, references, and POCs.
Vendor: kleor
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-32517 | WordPress Contact Manager plugin <= 9.1 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79 | 6.1 | - | 2026-03-25 |
| CVE-2025-68853 | WordPress Contact Manager plugin <= 9.1.1 - PHP Object Injection vulnerability CWE-502 | 8.8 | High | 2026-02-20 |
| CVE-2025-8783 | Contact Manager <= 8.6.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'title' CWE-79 | 4.4 | Medium | 2025-08-19 |
| CVE-2025-1028 | Contact Manager <= 8.6.4 - Unauthenticated Arbitrary Double File Extension Upload CWE-434 | 8.1 | High | 2025-02-05 |
All 4 known CVE vulnerabilities affecting Contact Manager with full Chinese analysis, references, and POCs where available.