Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ZoomIt — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting ZoomIt. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by ZoomIt:ZoomSounds - WordPress Wave Audio Player with PlaylistWooCommerce Shop Page BuilderZoomSoundsFoodMenuDZS Video Gallery
CVE IDTitleCVSSSeverityPublished
CVE-2025-49049 WordPress DZS Video Gallery plugin <= 12.39 - SQL Injection vulnerability — DZS Video GalleryCWE-89 8.5 High2026-01-22
CVE-2025-28999 WordPress WooCommerce Shop Page Builder <= 2.27.7 - Cross Site Scripting (XSS) Vulnerability — WooCommerce Shop Page BuilderCWE-79 7.1 High2025-08-14
CVE-2025-29014 WordPress FoodMenu <= 1.20 - Cross Site Scripting (XSS) Vulnerability — FoodMenuCWE-79 7.1 High2025-08-14
CVE-2025-29001 WordPress WooCommerce Shop Page Builder plugin <= 2.27.7 - Broken Access Control Vulnerability — WooCommerce Shop Page BuilderCWE-862 4.3 Medium2025-07-04
CVE-2025-47568 WordPress ZoomSounds plugin <= 6.91 - PHP Object Injection vulnerability — ZoomSoundsCWE-502 9.8 Critical2025-05-23
CVE-2025-3431 ZoomSounds - WordPress Wave Audio Player with Playlist <= 6.91 - Unauthenticated Arbitrary File Download — ZoomSounds - WordPress Wave Audio Player with PlaylistCWE-73 7.5 High2025-04-08
CVE-2025-0839 ZoomSounds <= 6.91 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — ZoomSounds - WordPress Wave Audio Player with PlaylistCWE-79 6.4 Medium2025-04-05
CVE-2024-13776 ZoomSounds - WordPress Wave Audio Player with Playlist <= 6.91 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update and Settings Manipulation — ZoomSounds - WordPress Wave Audio Player with PlaylistCWE-862 8.1 High2025-04-05
CVE-2024-13777 ZoomSounds - WordPress Wave Audio Player with Playlist <= 6.91 - Unauthenticated PHP Object Injection — ZoomSounds - WordPress Wave Audio Player with PlaylistCWE-502 8.1 High2025-03-05
CVE-2021-4449 ZoomSounds <= 5.96 - Unauthenticated Arbitrary File Upload — ZoomSounds - WordPress Wave Audio Player with PlaylistCWE-434 9.8 Critical2024-10-16
CVE-2021-39316 ZoomSounds <= 6.45 Unauthenticated Directory Traversal and Sensitive Information Dislosure — ZoomSounds - WordPress Wave Audio Player with PlaylistCWE-22 7.5 High2021-08-31

This page lists every published CVE security advisory associated with ZoomIt. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.