Browse all 5 CVE security advisories affecting Kleor. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-32517 | WordPress Contact Manager plugin <= 9.1 - Reflected Cross Site Scripting (XSS) vulnerability — Contact ManagerCWE-79 | 6.1 | - | 2026-03-25 |
| CVE-2025-68853 | WordPress Contact Manager plugin <= 9.1.1 - PHP Object Injection vulnerability — Contact ManagerCWE-502 | 8.8 | High | 2026-02-20 |
| CVE-2025-9519 | Easy Timer <= 4.2.1 - Authenticated (Editor+) Remote Code Execution via Shortcode — Easy TimerCWE-94 | 7.2 | High | 2025-09-04 |
| CVE-2025-8783 | Contact Manager <= 8.6.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'title' — Contact ManagerCWE-79 | 4.4 | Medium | 2025-08-19 |
| CVE-2025-1028 | Contact Manager <= 8.6.4 - Unauthenticated Arbitrary Double File Extension Upload — Contact ManagerCWE-434 | 8.1 | High | 2025-02-05 |
This page lists every published CVE security advisory associated with Kleor. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.