All 6 CVE vulnerabilities found in Stream, with AI-generated Chinese analysis, references, and POCs.
Vendor: Unknown
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-13879 | Stream <= 4.0.2 - Authenticated (Admin+) Server-Side Request Forgery CWE-918 | 5.5 | Medium | 2025-02-17 |
| CVE-2024-7423 | Stream <= 4.0.1 - Cross-Site Request Forgery to Arbitrary Options Update CWE-352 | 8.8 | High | 2024-09-13 |
| CVE-2022-43450 | WordPress Stream Plugin <= 3.9.2 is vulnerable to Insecure Direct Object References (IDOR) CWE-639 | 4.3 | Medium | 2023-12-19 |
| CVE-2022-43490 | WordPress Stream Plugin <= 3.9.2 is vulnerable to Cross Site Request Forgery (CSRF) CWE-352 | 5.4 | Medium | 2023-05-25 |
| CVE-2022-4384 | Stream < 3.9.2 - Subscriber+ Alert Creation | 6.5 | - | 2023-02-06 |
| CVE-2021-24772 | Stream < 3.8.2 - Admin+ SQL Injection CWE-89 | 8.8 | - | 2021-11-17 |
All 6 known CVE vulnerabilities affecting Stream with full Chinese analysis, references, and POCs where available.