Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

Spectra — Vulnerabilities & Security Advisories 13

All 13 CVE vulnerabilities found in Spectra, with AI-generated Chinese analysis, references, and POCs.

This page is a vulnerability aggregation resource for Spectra, focusing on Common Weakness Enumerations and security advisories from the vendor. It collects a comprehensive range of software flaws, including injection attacks, cross-site scripting, broken access control, and buffer overflow vulnerabilities discovered in Spectra products. The data covers security incidents reported from the initial release up to the current date, providing a chronological view of the product's security landscape over time. By using this resource, users can track a vendor's advisories to stay informed about critical patches and configuration changes, understand a weakness class by analyzing common patterns and root causes within this specific software environment, and look up a product's vulnerability history to assess long-term security trends and remediation effectiveness. This aggregated view helps security professionals, developers, and system administrators evaluate the risk posture of Spectra deployments without sifting through disparate sources. The information is organized to facilitate quick reference for incident response, penetration testing validation, and compliance auditing purposes. Readers can use the details to correlate specific weaknesses with version numbers or release dates, aiding in the prioritization of updates and mitigation strategies. The content is derived from official vendor notifications, public database entries, and verified security research, ensuring accuracy and relevance for enterprise security operations.

Vendor: Unknown

CVE IDTitleCVSSSeverityPublished
CVE-2026-42648 WordPress Spectra plugin <= 2.19.22 - Broken Access Control vulnerability CWE-862 4.3 Medium2026-04-29
CVE-2026-24982 WordPress Spectra plugin <= 2.19.17 - Broken Access Control vulnerability CWE-862 5.3 Medium2026-02-03
CVE-2023-23729 WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Contributor+ reCAPTCHA Settings Change Vulnerability CWE-862 5.4 Medium2025-12-09
CVE-2023-23825 WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Broken Access Control + CSRF on Import_WPforms vulnerability CWE-862 3.1 Low2024-12-09
CVE-2023-23834 WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Broken Access Control + CSRF on Activate_Plugin vulnerability CWE-862 4.3 Medium2024-12-09
CVE-2024-37517 WordPress Spectra plugin <= 2.13.7 - Broken Access Control vulnerability CWE-862 4.3 Medium2024-11-01
CVE-2024-7590 WordPress Spectra plugin<= 2.14.1 - Cross Site Scripting (XSS) vulnerability CWE-79 6.5 Medium2024-08-12
CVE-2023-36676 WordPress Spectra plugin <= 2.6.6 - Broken Access Control vulnerability CWE-862 5.4 Medium2024-06-19
CVE-2023-23738 WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Unauthenticated Email Spoofing Vulnerability CWE-74 5.3 Medium2024-06-03
CVE-2023-23735 WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Unauthenticated Email HTML Injection Vulnerability CWE-80 5.3 Medium2024-06-03
CVE-2023-23730 WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Captcha Bypass Vulnerability CWE-307 5.3 Medium2024-06-03
CVE-2023-36679 WordPress Spectra plugin <= 2.6.6 - Server Side Request Forgery (SSRF) vulnerability CWE-918 7.1 High2024-03-28
CVE-2020-36656 Spectra < 1.15.0 - Contributor+ Stored Cross-Side Scripting 5.4 -2023-02-21

All 13 known CVE vulnerabilities affecting Spectra with full Chinese analysis, references, and POCs where available.