Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

GoodLayers — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting GoodLayers. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products GoodLayers:Goodlayers HotelGoodlayers HostelGoodlayers CoreTourmasterModernizeTour Master - Tour Booking, Travel, HotelGoodlayers Blocks
CVE IDTitleCVSSSeverityPaused
CVE-2025-59580 WordPress Goodlayers Core plugin < 2.1.7 - Privilege Escalation vulnerability — Goodlayers CoreCWE-266 8.8AIHighAI2025-10-22
CVE-2025-53342 WordPress Modernize Theme <= 3.4.0 - Cross Site Scripting (XSS) Vulnerability — ModernizeCWE-79 6.5 Medium2025-08-14
CVE-2025-53343 WordPress Modernize Theme <= 3.4.0 - Broken Access Control Vulnerability — ModernizeCWE-862 4.3 Medium2025-08-14
CVE-2025-39500 WordPress Goodlayers Hostel Plugin <= 3.1.2 - PHP Object Injection vulnerability — Goodlayers HostelCWE-502 9.8 Critical2025-05-23
CVE-2025-39502 WordPress Goodlayers Hostel Plugin <= 3.1.2 - Reflected Cross Site Scripting (XSS) vulnerability — Goodlayers HostelCWE-79 7.1 High2025-05-23
CVE-2025-39501 WordPress Goodlayers Hostel plugin <= 3.1.4 - SQL Injection vulnerability — Goodlayers HostelCWE-89 9.3 Critical2025-05-23
CVE-2025-39504 WordPress Goodlayers Hotel plugin <= 3.1.4 - SQL Injection vulnerability — Goodlayers HotelCWE-89 9.3 Critical2025-05-23
CVE-2025-39503 WordPress Goodlayers Hotel plugin <= 3.1.4 - PHP Object Injection vulnerability — Goodlayers HotelCWE-502 9.8 Critical2025-05-23
CVE-2025-39505 WordPress Goodlayers Hotel plugin <= 3.1.4 - Reflected Cross Site Scripting (XSS) vulnerability — Goodlayers HotelCWE-79 7.1 High2025-05-23
CVE-2025-48292 WordPress Tourmaster plugin <= 5.3.8 - Local File Inclusion vulnerability — TourmasterCWE-98 8.1 High2025-05-23
CVE-2025-32923 WordPress Tourmaster plugin < 5.4.1 - Cross Site Scripting (XSS) vulnerability — TourmasterCWE-79 7.1 High2025-04-15
CVE-2025-23521 WordPress Goodlayers Blocks plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability — Goodlayers BlocksCWE-79 7.1 High2025-03-03
CVE-2024-13369 Tour Master - Tour Booking, Travel, Hotel <= 5.3.7 - Authenticated (Subscriber+) SQL Injection via review_id Parameter — Tour Master - Tour Booking, Travel, HotelCWE-89 6.5 Medium2025-02-18
CVE-2024-11200 Goodlayers Core <= 2.0.7 - Reflected Cross-Site Scripting via 'font-family' — Goodlayers CoreCWE-79 6.1 Medium2024-12-03

This page lists every published CVE security advisory associated with GoodLayers. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.