Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Photo Engine — Vulnerabilities & Security Advisories 4

All 4 CVE vulnerabilities found in Photo Engine, with AI-generated Chinese analysis, references, and POCs.

Vendor: Jordy Meow

CVE IDTitleCVSSSeverityPublished
CVE-2026-32524 WordPress Photo Engine plugin <= 6.4.9 - Arbitrary File Upload vulnerability CWE-434 9.8 -2026-03-25
CVE-2025-54672 WordPress Photo Engine Plugin plugin <= 6.4.3 - Cross Site Request Forgery (CSRF) Vulnerability CWE-352 4.3 Medium2025-08-14
CVE-2024-43332 WordPress Photo Engine plugin <= 6.4.0 - Broken Access Control vulnerability CWE-862 4.3 Medium2024-11-01
CVE-2024-39660 WordPress Photo Engine (Media Organizer & Lightroom) plugin <= 6.3.1 - Cross Site Scripting (XSS) vulnerability CWE-79 5.9 Medium2024-08-01

All 4 known CVE vulnerabilities affecting Photo Engine with full Chinese analysis, references, and POCs where available.