Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

gpriday — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting gpriday. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by gpriday:SiteOrigin Widgets BundlePage Builder by SiteOrigin
CVE IDTitleCVSSSeverityPublished
CVE-2026-2448 Page Builder by SiteOrigin <= 2.33.5 - Authenticated (Contributor+) Local File Inclusion — Page Builder by SiteOriginCWE-22 8.8 High2026-03-03
CVE-2026-2127 SiteOrigin Widgets Bundle <= 1.70.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Shortcode Execution — SiteOrigin Widgets BundleCWE-862 5.4 Medium2026-02-18
CVE-2025-5585 SiteOrigin Widgets Bundle <= 1.68.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via `data-url` DOM Element Attribute — SiteOrigin Widgets BundleCWE-79 6.4 Medium2025-06-25
CVE-2025-1459 Page Builder by SiteOrigin <= 2.31.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — Page Builder by SiteOriginCWE-79 6.4 Medium2025-03-01
CVE-2024-12240 Page Builder by SiteOrigin <= 2.31.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Row Label Parameter — Page Builder by SiteOriginCWE-79 6.4 Medium2025-01-14
CVE-2024-5901 SiteOrigin Widgets Bundle <= 1.62.2 - Authenticated (Contributor+) Stored Cross-Site Scripting in Image Grid widget — SiteOrigin Widgets BundleCWE-79 6.4 Medium2024-07-30
CVE-2024-5090 SiteOrigin Widgets Bundle <= 1.61.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via SiteOrigin Blog Widget — SiteOrigin Widgets BundleCWE-79 6.4 Medium2024-06-11
CVE-2024-4362 SiteOrigin Widgets Bundle <= 1.60.0 - - Authenticated (Contributor+) Stored Cross-Site Scripting via 'siteorigin_widget' Shortcode — SiteOrigin Widgets BundleCWE-79 6.4 Medium2024-05-22
CVE-2024-4361 Page Builder by SiteOrigin <= 2.29.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'siteorigin_widget' Shortcode — Page Builder by SiteOriginCWE-79 6.4 Medium2024-05-21
CVE-2024-2202 Page Builder by SiteOrigin <= 2.29.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Legacy Image Widget — Page Builder by SiteOriginCWE-79 6.4 Medium2024-03-23
CVE-2024-1723 SiteOrigin Widgets Bundle <= 1.58.7 - Authenticated (Contributor+) Stored Cross-Site Scripting — SiteOrigin Widgets BundleCWE-79 6.4 Medium2024-03-13
CVE-2024-1058 SiteOrigin Widgets Bundle <= 1.58.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — SiteOrigin Widgets BundleCWE-79 6.4 Medium2024-02-20
CVE-2024-1070 SiteOrigin Widgets Bundle <= 1.58.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — SiteOrigin Widgets BundleCWE-79 6.4 Medium2024-02-20
CVE-2024-0961 SiteOrigin Widgets Bundle <= 1.58.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — SiteOrigin Widgets BundleCWE-79 6.4 Medium2024-02-05

This page lists every published CVE security advisory associated with gpriday. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.