Tainacan — Vulnerabilities & Security Advisories 13

All 13 CVE vulnerabilities found in Tainacan, with AI-generated Chinese analysis, references, and POCs.

Vendor: Tainacan.org

CVE ID	Title	CVSS	Severity	Published
CVE-2025-14043	Tainacan <= 1.0.1 - Missing Authorization to Unauthenticated Arbitrary Metadata Section Creation CWE-862	5.3	Medium	2025-12-21
CVE-2025-12747	Tainacan <= 1.0.0 - Unauthenticated Information Exposure CWE-552	5.3	Medium	2025-11-21
CVE-2025-12746	Tainacan <= 1.0.0 - Reflected Cross-Site Scripting CWE-79	6.1	Medium	2025-11-21
CVE-2025-47512	WordPress Tainacan plugin <= 0.21.14 - Arbitrary File Deletion vulnerability CWE-22	8.6	High	2025-05-23
CVE-2024-13236	Tainacan <= 0.21.12 - Authenticated (Subscriber+) SQL Injection CWE-89	6.5	Medium	2025-01-23
CVE-2024-48040	WordPress Tainacan plugin <= 0.21.8 - SQL Injection vulnerability CWE-89	8.5	High	2024-10-11
CVE-2024-9221	Tainacan <= 0.21.10 - Reflected Cross-Site Scripting CWE-79	6.1	Medium	2024-10-11
CVE-2024-7135	Tainacan <= 0.21.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Read CWE-862	6.5	Medium	2024-07-31
CVE-2024-30529	WordPress Tainacan plugin <= 0.20.7 - Broken Access Control vulnerability CWE-862	5.3	Medium	2024-06-09
CVE-2024-34794	WordPress Tainacan plugin <= 0.21.3 - Cross Site Scripting (XSS) vulnerability CWE-79	7.1	High	2024-06-03
CVE-2024-34795	WordPress Tainacan plugin <= 0.21.3 - Cross Site Scripting (XSS) vulnerability CWE-79	6.5	Medium	2024-06-03
CVE-2024-1435	WordPress Tainacan plugin <= 0.20.6 - Sensitive Data Exposure via Log File vulnerability CWE-201	5.3	Medium	2024-02-29
CVE-2023-47848	WordPress Tainacan Plugin <= 0.20.4 is vulnerable to Cross Site Scripting (XSS) CWE-79	7.1	High	2023-11-30

All 13 known CVE vulnerabilities affecting Tainacan with full Chinese analysis, references, and POCs where available.