Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

A WP Life — Vulnerabilities & Security Advisories 19

Browse all 19 CVE security advisories affecting A WP Life. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by A WP Life:Contact Form WidgetAlbum Gallery – WordPress GalleryEvent Management Tickets BookingSlider Responsive Slideshow – Image slider, Gallery slideshowImage Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry GalleryBlog FilterVideo Gallery – Api Gallery, YouTube and Vimeo, Link GalleryMedia Slider – Photo Sleder, Video Slider, Link Slider, Carousal SlideshowRight Click Disable OR BanLogin Page Customizer – Customizer Login Page, Admin Page, Custom DesignModal Popup Box
CVE IDTitleCVSSSeverityPublished
CVE-2026-39517 WordPress Blog Filter plugin <= 1.7.6 - Cross Site Scripting (XSS) vulnerability — Blog FilterCWE-79 6.1AIMediumAI2026-04-08
CVE-2026-22346 WordPress Slider Responsive Slideshow – Image slider, Gallery slideshow plugin <= 1.5.4 - PHP Object Injection vulnerability — Slider Responsive Slideshow – Image slider, Gallery slideshowCWE-502 9.8AICriticalAI2026-02-20
CVE-2026-22345 WordPress Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery plugin <= 1.6.0 - PHP Object Injection vulnerability — Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry GalleryCWE-502 9.8AICriticalAI2026-02-20
CVE-2025-68526 WordPress Modal Popup Box plugin <= 1.6.1 - PHP Object Injection vulnerability — Modal Popup BoxCWE-502 9.8AICriticalAI2026-02-20
CVE-2025-62134 WordPress Contact Form Widget plugin <= 1.5.1 - Cross Site Request Forgery (CSRF) vulnerability — Contact Form WidgetCWE-352 5.4 Medium2025-12-31
CVE-2025-69033 WordPress Blog Filter plugin <= 1.7.3 - Cross Site Scripting (XSS) vulnerability — Blog FilterCWE-79 6.1 -2025-12-30
CVE-2025-49902 WordPress Login Page Customizer – Customizer Login Page, Admin Page, Custom Design plugin <= 2.1.1 - Broken Access Control vulnerability — Login Page Customizer &#8211; Customizer Login Page, Admin Page, Custom DesignCWE-862 6.5 Medium2025-12-18
CVE-2025-47491 WordPress Contact Form Widget plugin <= 1.4.6 - Cross Site Request Forgery (CSRF) Vulnerability — Contact Form WidgetCWE-352 7.4 High2025-05-07
CVE-2025-39548 WordPress Right Click Disable OR Ban plugin <= 1.1.17 - CSRF to Stored XSS vulnerability — Right Click Disable OR BanCWE-352 7.1 High2025-04-16
CVE-2024-48037 WordPress Contact Form Widget plugin <= 1.4.2 - CSRF vulnerability — Contact Form WidgetCWE-352 5.4 Medium2024-10-17
CVE-2024-5059 WordPress Event Monster Plugin <= 1.4.0 - Sensitive Data Exposure vulnerability — Event Management Tickets BookingCWE-200 5.3 Medium2024-06-21
CVE-2024-35717 WordPress Media Slider plugin <= 1.3.9 - Broken Access Control vulnerability — Media Slider – Photo Sleder, Video Slider, Link Slider, Carousal SlideshowCWE-862 4.3 Medium2024-06-10
CVE-2024-35720 WordPress Album Gallery – WordPress Gallery plugin <= 1.5.7 - Broken Access Control vulnerability — Album Gallery – WordPress GalleryCWE-862 4.3 Medium2024-06-10
CVE-2024-35721 WordPress Image Gallery plugin <= 1.4.5 - Broken Access Control vulnerability — Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry GalleryCWE-862 4.3 Medium2024-06-10
CVE-2024-35722 WordPress Slider Responsive Slideshow – Image slider, Gallery slideshow plugin <= 1.4.0 - Broken Access Control vulnerability — Slider Responsive Slideshow – Image slider, Gallery slideshowCWE-862 4.3 Medium2024-06-10
CVE-2024-34754 WordPress Contact Form Widget plugin <= 1.3.9 - Sensitive Data Exposure vulnerability — Contact Form WidgetCWE-200 5.3 Medium2024-06-03
CVE-2024-34377 WordPress Video Gallery – Api Gallery, YouTube and Vimeo, Link Gallery plugin <= 1.5.3 - Broken Access Control vulnerability — Video Gallery – Api Gallery, YouTube and Vimeo, Link GalleryCWE-862 4.3 Medium2024-05-06
CVE-2023-47525 WordPress Event Monster plugin <= 1.4.9 - Cross Site Scripting (XSS) vulnerability — Event Management Tickets BookingCWE-79 5.9 Medium2023-12-21
CVE-2023-23646 WordPress Album Gallery – WordPress Gallery Plugin <= 1.4.9 is vulnerable to Cross Site Request Forgery (CSRF) — Album Gallery – WordPress GalleryCWE-352 4.3 Medium2023-07-17

This page lists every published CVE security advisory associated with A WP Life. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.