All 4 CVE vulnerabilities found in Spirit Framework, with AI-generated Chinese analysis, references, and POCs.
Vendor: Dourou
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-54263 | WordPress Spirit Framework plugin <= 1.2.13 - Local File Inclusion vulnerability CWE-98 | 7.5 | High | 2026-02-02 |
| CVE-2025-6388 | Spirit Framework <= 1.2.14 - Authentication Bypass to Account Takeover and Privilege Escalation CWE-288 | 9.8 | Critical | 2025-10-03 |
| CVE-2025-10269 | Spirit Framework <= 1.2.13 - Authenticated (Subscriber+) Local File Inclusion CWE-98 | 7.5 | High | 2025-09-12 |
| CVE-2025-49428 | WordPress Spirit Framework plugin <= 1.2.13 - Local File Inclusion vulnerability CWE-98 | 7.5 | High | 2025-08-20 |
All 4 known CVE vulnerabilities affecting Spirit Framework with full Chinese analysis, references, and POCs where available.