All 5 CVE vulnerabilities found in WP Attachments, with AI-generated Chinese analysis, references, and POCs.
Vendor: Unknown
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-62888 | WordPress WP Attachments plugin <= 5.2 - Broken Access Control vulnerability CWE-862 | 5.4 | Medium | 2025-12-31 |
| CVE-2025-5082 | WP Attachments <= 5.0.12 - Reflected Cross-Site Scripting via attachment_id Parameter CWE-79 | 6.1 | Medium | 2025-05-28 |
| CVE-2023-45651 | WordPress WP Attachments Plugin <= 5.0.11 is vulnerable to Cross Site Request Forgery (CSRF) CWE-352 | 4.3 | Medium | 2023-10-16 |
| CVE-2022-4330 | WP Attachments < 5.0.6 - Admin+ Stored XSS | 4.8 | - | 2023-01-16 |
| CVE-2022-3469 | WP Attachments < 5.0.5 - Admin+ Stored Cross-Site Scripting CWE-79 | 4.8 | - | 2022-11-14 |
All 5 known CVE vulnerabilities affecting WP Attachments with full Chinese analysis, references, and POCs where available.