All 7 CVE vulnerabilities found in WPAMS, with AI-generated Chinese analysis, references, and POCs.
Vendor: mojoomla
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2025-39392 | WordPress WPAMS plugin <= 44.0 (17-08-2023) - Cross Site Scripting (XSS) vulnerability CWE-79 | 7.1 | High | 2025-05-19 |
| CVE-2025-39395 | WordPress WPAMS plugin <= 44.0 (17-08-2023) - SQL Injection vulnerability CWE-89 | 9.3 | Critical | 2025-05-19 |
| CVE-2025-39401 | WordPress WPAMS plugin <= 44.0 (17-08-2023) - Arbitrary File Upload vulnerability CWE-434 | 10.0 | Critical | 2025-05-19 |
| CVE-2025-39402 | WordPress WPAMS plugin <= 44.0 (17-08-2023) - Arbitrary File Upload vulnerability CWE-434 | 9.9 | Critical | 2025-05-19 |
| CVE-2025-39403 | WordPress WPAMS plugin <= 44.0 (17-08-2023) - SQL Injection vulnerability CWE-89 | 8.5 | High | 2025-05-19 |
| CVE-2025-39405 | WordPress WPAMS plugin <= 44.0 (17-08-2023) - Privilege Escalation vulnerability CWE-266 | 8.8 | High | 2025-05-19 |
| CVE-2025-39406 | WordPress WPAMS plugin <= 44.0 - Local File Inclusion to Privilege Escalation vulnerability CWE-98 | 9.8 | Critical | 2025-05-19 |
All 7 known CVE vulnerabilities affecting WPAMS with full Chinese analysis, references, and POCs where available.