Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Simple Local Avatars — Vulnerabilities & Security Advisories 3

All 3 CVE vulnerabilities found in Simple Local Avatars, with AI-generated Chinese analysis, references, and POCs.

Vendor: 10up

CVE IDTitleCVSSSeverityPaused
CVE-2025-8482 Simple Local Avatars <= 2.8.4 - Missing Authorization to Authenticated (Subscriber+) Avatar Migration CWE-862 4.3 Medium2025-08-12
CVE-2024-10786 Simple Local Avatars <= 2.7.11 - Missing Authorization to Authenticated (Subscriber+) User Cache Clearing CWE-862 4.3 Medium2024-11-16
CVE-2024-43116 WordPress Simple Local Avatars plugin <= 2.7.10 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 4.3 Medium2024-08-26

All 3 known CVE vulnerabilities affecting Simple Local Avatars with full Chinese analysis, references, and POCs where available.