Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WP Chill — Vulnerabilities & Security Advisories 28

Browse all 28 CVE security advisories affecting WP Chill. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by WP Chill:FilrStrong TestimonialsRevive.soPasssterHtaccess File EditorKali FormsRSVP and Event ManagementDownload MonitorGallery PhotoBlocksModula Image GalleryImage Photo Gallery Final Tiles GridBrillianceAllegiant
CVE IDTitleCVSSSeverityPublished
CVE-2026-39561 WordPress Revive.so plugin <= 2.0.7 - Broken Access Control vulnerability — Revive.soCWE-862 7.1AIHighAI2026-04-08
CVE-2026-39536 WordPress RSVP and Event Management plugin <= 2.7.16 - Sensitive Data Exposure vulnerability — RSVP and Event ManagementCWE-497 5.5AIMediumAI2026-04-08
CVE-2026-39510 WordPress Image Photo Gallery Final Tiles Grid plugin <= 3.6.11 - Insecure Direct Object References (IDOR) vulnerability — Image Photo Gallery Final Tiles GridCWE-639 9.1AICriticalAI2026-04-08
CVE-2026-39486 WordPress Download Monitor plugin <= 5.1.8 - SQL Injection vulnerability — Download MonitorCWE-89 9.8AICriticalAI2026-04-08
CVE-2026-28133 WordPress Filr plugin <= 1.2.14 - Arbitrary File Upload vulnerability — FilrCWE-434 8.1 -2026-03-05
CVE-2026-25375 WordPress Image Photo Gallery Final Tiles Grid plugin <= 3.6.10 - Broken Access Control vulnerability — Image Photo Gallery Final Tiles GridCWE-862 9.1AICriticalAI2026-02-19
CVE-2026-25036 WordPress Passster plugin <= 4.2.25 - Broken Access Control vulnerability — PasssterCWE-862 8.1AIHighAI2026-02-03
CVE-2026-24957 WordPress Strong Testimonials plugin <= 3.2.20 - Broken Access Control vulnerability — Strong TestimonialsCWE-862 8.2AIHighAI2026-02-03
CVE-2026-24939 WordPress Modula Image Gallery plugin <= 2.13.6 - Broken Access Control vulnerability — Modula Image GalleryCWE-862 8.2AIHighAI2026-02-03
CVE-2026-24389 WordPress Gallery PhotoBlocks plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability — Gallery PhotoBlocksCWE-79 6.1AIMediumAI2026-01-22
CVE-2026-23976 WordPress Modula Image Gallery plugin <= 2.13.4 - Cross Site Scripting (XSS) vulnerability — Modula Image GalleryCWE-79 5.9 Medium2026-01-22
CVE-2025-64230 WordPress Filr plugin <= 1.2.10 - Arbitrary File Deletion vulnerability — FilrCWE-22 7.7 High2025-12-18
CVE-2025-64218 WordPress Passster plugin <= 4.2.19 - Sensitive Data Exposure vulnerability — PasssterCWE-201 7.5AIHighAI2025-12-18
CVE-2025-59551 WordPress Revive.so Plugin <= 2.0.6 - Broken Access Control Vulnerability — Revive.soCWE-862 4.3 Medium2025-09-22
CVE-2025-57926 WordPress Passster Plugin <= 4.2.18 - Cross Site Scripting (XSS) Vulnerability — PasssterCWE-79 6.5 Medium2025-09-22
CVE-2025-58610 WordPress Gallery PhotoBlocks Plugin <= 1.3.1 - Cross Site Scripting (XSS) Vulnerability — Gallery PhotoBlocksCWE-79 6.5 Medium2025-09-03
CVE-2025-47439 WordPress Download Monitor plugin <= 5.0.22 - Local File Inclusion Vulnerability — Download MonitorCWE-98 7.5 High2025-05-07
CVE-2025-32233 WordPress Revive.so plugin <= 2.0.3 - Broken Access Control vulnerability — Revive.soCWE-862 4.3 Medium2025-04-04
CVE-2025-26975 WordPress Strong Testimonials plugin <= 3.2.3 - Broken Access Control vulnerability — Strong TestimonialsCWE-862 5.3 Medium2025-02-25
CVE-2025-24683 WordPress RSVP and Event Management Plugin <= 2.7.14 - SQL Injection vulnerability — RSVP and Event ManagementCWE-89 7.6 High2025-01-24
CVE-2025-22773 WordPress Htaccess File Editor <= 1.0.19 - Broken Authentication vulnerability — Htaccess File EditorCWE-538 7.5 -2025-01-15
CVE-2023-46083 WordPress Kali Forms plugin <= 2.3.27 - Broken Access Control vulnerability — Kali FormsCWE-862 8.2 -2025-01-02
CVE-2023-45275 WordPress Contact Form builder with drag & drop plugin <= 2.3.28 - Broken Access Control vulnerability — Kali FormsCWE-862 8.2 -2025-01-02
CVE-2024-49256 WordPress Htaccess File Editor plugin <= 1.0.18 - Broken Access Control vulnerability — Htaccess File EditorCWE-863 6.5 Medium2024-11-01
CVE-2024-47362 WordPress Strong Testimonials plugin <= 3.1.16 - Broken Access Control vulnerability — Strong TestimonialsCWE-862 4.3 Medium2024-11-01
CVE-2024-43329 WordPress Allegiant theme <= 1.2.7 - Cross Site Scripting (XSS) vulnerability — AllegiantCWE-79 6.5 Medium2024-08-18
CVE-2024-43216 WordPress Filr plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability — FilrCWE-79 6.5 Medium2024-08-12
CVE-2023-28171 WordPress Brilliance Theme <= 1.3.1 is vulnerable to Cross Site Scripting (XSS) — BrillianceCWE-79 5.4 Medium2023-06-22

This page lists every published CVE security advisory associated with WP Chill. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.