All 4 CVE vulnerabilities found in WPDM – Premium Packages, with AI-generated Chinese analysis, references, and POCs.
Vendor: Shahjada
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-54732 | WordPress WPDM – Premium Packages Plugin <= 6.0.2 - Cross Site Request Forgery (CSRF) Vulnerability CWE-352 | 4.3 | Medium | 2025-08-14 |
| CVE-2025-30991 | WordPress Premium Packages plugin <= 6.0.6 - Cross Site Scripting (XSS) Vulnerability CWE-79 | 6.5 | Medium | 2025-06-06 |
| CVE-2025-24659 | WordPress Premium Packages – Sell Digital Products Securely plugin <= 5.9.6 - SQL Injection vulnerability CWE-89 | 7.6 | High | 2025-01-24 |
| CVE-2024-52435 | WordPress Premium Packages – Sell Digital Products Securely plugin <= 6.0.5 - SQL Injection vulnerability CWE-89 | 7.6 | High | 2024-11-18 |
All 4 known CVE vulnerabilities affecting WPDM – Premium Packages with full Chinese analysis, references, and POCs where available.