Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

gVectors — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting gVectors. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by gVectors:wpDiscuzDisplay Custom Fields – wpViewwpForo + wpForo Advanced Attachments
CVE IDTitleCVSSSeverityPublished
CVE-2026-22216 wpDiscuz before 7.6.47 - No Rate Limiting on Subscription Endpoints with LIKE Wildcard Bypass — wpDiscuzCWE-799 6.5 Medium2026-03-13
CVE-2026-22215 wpDiscuz before 7.6.47 - Missing CSRF Protection on wpdGetFollowsPage — wpDiscuzCWE-352 4.3 Medium2026-03-13
CVE-2026-22210 wpDiscuz before 7.6.47 - Cross-Site Scripting via Unescaped Attachment URLs — wpDiscuzCWE-79 4.4 Medium2026-03-13
CVE-2026-22209 wpDiscuz before 7.6.47 - Cross-Site Scripting via Unescaped Custom CSS in Style Tag — wpDiscuzCWE-79 5.5 Medium2026-03-13
CVE-2026-22204 wpDiscuz before 7.6.47 - Unsanitized Cookie Email Used as wp_mail() Recipient — wpDiscuzCWE-20 3.7 Low2026-03-13
CVE-2026-22203 wpDiscuz before 7.6.47 - Options Export Leaks OAuth Secrets in Plaintext — wpDiscuzCWE-200 4.9 Medium2026-03-13
CVE-2026-22202 wpDiscuz before 7.6.47 - Destructive GET Action Deletes All Comments by Email — wpDiscuzCWE-352 8.1 High2026-03-13
CVE-2026-22201 wpDiscuz before 7.6.47 - IP Address Spoofing in getIP() — wpDiscuzCWE-348 5.3 Medium2026-03-13
CVE-2026-22193 wpDiscuz before 7.6.47 - SQL Injection in getAllSubscriptions() — wpDiscuzCWE-89 8.1 High2026-03-13
CVE-2026-22183 wpDiscuz before 7.6.47 - Stored Cross-Site Scripting in Inline Comment Preview — wpDiscuzCWE-79 6.1 Medium2026-03-13
CVE-2026-22182 wpDiscuz before 7.6.47 - Unauthenticated Email Notification Flood via wpdCheckNotificationType — wpDiscuzCWE-862 7.5 High2026-03-13
CVE-2025-4224 wpForo + wpForo Advanced Attachments <= 3.1.3 - Unauthenticated Stored Cross-Site Scripting — wpForo + wpForo Advanced AttachmentsCWE-79 7.2 High2025-06-03
CVE-2023-33213 WordPress wpView Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS) — Display Custom Fields – wpViewCWE-79 5.9 Medium2023-06-19

This page lists every published CVE security advisory associated with gVectors. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.