All 6 CVE vulnerabilities found in Terms descriptions, with AI-generated Chinese analysis, references, and POCs.
Vendor: Vladimir Statsenko
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-24621 | WordPress Terms descriptions plugin <= 3.4.9 - Cross Site Scripting (XSS) vulnerability CWE-79 | 5.9 | Medium | 2026-01-23 |
| CVE-2025-62139 | WordPress Terms descriptions plugin <= 3.4.10 - Sensitive Data Exposure vulnerability CWE-201 | 5.3 | Medium | 2025-12-31 |
| CVE-2025-6719 | Terms descriptions <= 3.4.8 - Authenticated (Admin+) Stored Cross-Site Scripting CWE-79 | 4.4 | Medium | 2025-07-18 |
| CVE-2024-9374 | Terms descriptions <= 3.4.6 - Reflected Cross-Site Scripting CWE-79 | 6.1 | Medium | 2024-10-24 |
| CVE-2024-47336 | WordPress Terms Descriptions plugin <= 3.4.7 - Cross Site Scripting (XSS) vulnerability CWE-79 | 5.9 | Medium | 2024-10-06 |
| CVE-2023-28779 | WordPress Terms descriptions Plugin <= 3.4.4 is vulnerable to Cross Site Scripting (XSS) CWE-79 | 7.1 | High | 2023-08-10 |
All 6 known CVE vulnerabilities affecting Terms descriptions with full Chinese analysis, references, and POCs where available.