Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

emarket-design — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting emarket-design. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by emarket-design:Campus Directory – Faculty, Staff & Student Directory Plugin for WordPressEmployee Directory – Staff & Team DirectorySimple Contact Form Plugin for WordPress – WP Easy ContactYouTube ShowcaseWP Ticket Customer Service Software & Support Ticket SystemRequest a QuoteEmployee Spotlight – Team Member Showcase & Meet the Team PluginVideo Gallery – YouTube Gallery & Responsive Video PlaylistEvent RSVP and Simple Event Management PluginProject Management, Bug and Issue Tracking Plugin – Software Issue ManagerEmployee SpotlightEmployee Directory – Staff Listing & Team Directory Plugin for WordPressWP Easy Contact
CVE IDTitleCVSSSeverityPublished
CVE-2025-15636 WordPress YouTube Showcase plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability — YouTube ShowcaseCWE-79 6.5 Medium2026-04-15
CVE-2025-64248 WordPress Request a Quote plugin <= 2.5.3 - Broken Access Control vulnerability — Request a QuoteCWE-862 8.2AIHighAI2025-12-16
CVE-2025-13403 Employee Spotlight – Team Member Showcase & Meet the Team Plugin <= 5.1.3 - Missing Authorization to Authenticated (Subscriber+) Tracking Opt-In/Opt-Out Modification — Employee Spotlight – Team Member Showcase & Meet the Team PluginCWE-862 4.3 Medium2025-12-13
CVE-2025-12090 Employee Spotlight – Team Member Showcase & Meet the Team Plugin <= 5.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Employee Spotlight – Team Member Showcase & Meet the Team PluginCWE-79 6.4 Medium2025-11-01
CVE-2025-60157 WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - Cross Site Scripting (XSS) Vulnerability — WP Ticket Customer Service Software & Support Ticket SystemCWE-79 6.5 Medium2025-09-26
CVE-2025-58915 WordPress Request a Quote plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability — Request a QuoteCWE-79 6.5 Medium2025-09-23
CVE-2025-54731 WordPress YouTube Showcase Plugin <= 3.5.1 - PHP Object Injection Vulnerability — YouTube ShowcaseCWE-94 8.1 High2025-08-28
CVE-2025-53584 WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - PHP Object Injection Vulnerability — WP Ticket Customer Service Software & Support Ticket SystemCWE-502 8.1 High2025-08-28
CVE-2025-53583 WordPress Employee Spotlight Plugin <= 5.1.1 - PHP Object Injection Vulnerability — Employee SpotlightCWE-502 8.1 High2025-08-28
CVE-2025-53572 WordPress WP Easy Contact Plugin <= 4.0.1 - PHP Object Injection Vulnerability — WP Easy ContactCWE-502 8.1 High2025-08-28
CVE-2025-53243 WordPress Employee Directory – Staff Listing & Team Directory plugin for WordPress plugin <= 4.5.5 - PHP Object Injection vulnerability — Employee Directory – Staff Listing &amp; Team Directory Plugin for WordPressCWE-502 8.1 High2025-08-28
CVE-2025-8314 Software Issue Manager <= 5.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter — Project Management, Bug and Issue Tracking Plugin – Software Issue ManagerCWE-79 6.4 Medium2025-08-12
CVE-2025-8420 Multiple Plugins by emarket-design <= Multiple Versions - Unauthenticated Limited Remote Code Execution — Campus Directory – Faculty, Staff & Student Directory Plugin for WordPressCWE-95 8.1 High2025-08-06
CVE-2025-8295 Employee Directory <= 4.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter — Employee Directory – Staff & Team DirectoryCWE-79 6.4 Medium2025-08-05
CVE-2025-8313 Campus Directory <= 1.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter — Campus Directory – Faculty, Staff & Student Directory Plugin for WordPressCWE-79 6.4 Medium2025-08-05
CVE-2025-8315 WP Easy Contact <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter — Simple Contact Form Plugin for WordPress – WP Easy ContactCWE-79 6.4 Medium2025-08-05
CVE-2025-5540 Event RSVP and Simple Event Management Plugin <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Event RSVP and Simple Event Management PluginCWE-79 6.4 Medium2025-06-26
CVE-2025-5539 Simplify Contact Management: WP Easy Contact <= 4.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Simple Contact Form Plugin for WordPress – WP Easy ContactCWE-79 6.4 Medium2025-06-04
CVE-2025-5532 Faculty Staff and Student Directory Plugin – Campus Directory <= 1.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Campus Directory – Faculty, Staff & Student Directory Plugin for WordPressCWE-79 6.4 Medium2025-06-04
CVE-2025-5531 Staff Directory – Employee Directory for WordPress <= 4.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Employee Directory – Staff & Team DirectoryCWE-79 6.4 Medium2025-06-04
CVE-2024-3268 YouTube Video Gallery by YouTube Showcase – Video Gallery Plugin for WordPress <= 3.3.6 - Missing Authorization to Arbitrary Post/Page Creation — Video Gallery – YouTube Gallery & Responsive Video PlaylistCWE-862 5.3 Medium2024-05-21

This page lists every published CVE security advisory associated with emarket-design. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.