Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

iqonicdesign — Vulnerabilities & Security Advisories 25

Browse all 25 CVE security advisories affecting iqonicdesign. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by iqonicdesign:WPBookitKiviCare – Clinic & Patient Management System (EHR)Graphina – Charts and Graphs For ElementorStreamitWPBookit ProSocialV - Social Network and Community BuddyPress Theme
CVE IDTitleCVSSSeverityPublished
CVE-2026-25414 WordPress WPBookit Pro plugin <= 1.6.18 - Privilege Escalation vulnerability — WPBookit ProCWE-266 8.8 High2026-03-25
CVE-2026-25413 WordPress WPBookit Pro plugin <= 1.6.18 - Arbitrary File Upload vulnerability — WPBookit ProCWE-434 9.9 Critical2026-03-25
CVE-2026-2992 KiviCare <= 4.1.2 - Missing Authorization to Unauthenticated Privilege Escalation via Setup Wizard — KiviCare – Clinic & Patient Management System (EHR)CWE-862 8.2 High2026-03-18
CVE-2026-2991 KiviCare – Clinic & Patient Management System (EHR) <= 4.1.2 - Unauthenticated Authentication Bypass via Social Login Token — KiviCare – Clinic & Patient Management System (EHR)CWE-287 7.3 High2026-03-18
CVE-2026-1980 WPBookit <= 1.0.8 - Missing Authorization to Unauthenticated Sensitive Customer Data Exposure — WPBookitCWE-200 5.3 Medium2026-03-04
CVE-2026-1945 WPBookit <= 1.0.8 - Unauthenticated Stored Cross-Site Scripting via 'wpb_user_name' and 'wpb_user_email' Parameters — WPBookitCWE-79 7.2 High2026-03-04
CVE-2026-25415 WordPress WPBookit Pro plugin <= 1.6.18 - Broken Access Control vulnerability — WPBookit ProCWE-862 9.1AICriticalAI2026-02-19
CVE-2026-0927 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.15 - Missing Authorization to Unauthenticated Limited Arbitrary File Upload — KiviCare – Clinic & Patient Management System (EHR)CWE-862 5.3 Medium2026-01-23
CVE-2025-12135 WPBookit <= 1.0.6 - Unauthenticated Stored Cross-Site Scripting — WPBookitCWE-79 7.2 High2025-11-21
CVE-2025-11820 Graphina – Elementor Charts and Graphs <= 3.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Chart Widgets — Graphina – Charts and Graphs For ElementorCWE-79 6.4 Medium2025-11-05
CVE-2025-8867 Graphina - Elementor Charts and Graphs <= 3.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — Graphina – Charts and Graphs For ElementorCWE-79 6.4 Medium2025-08-15
CVE-2025-7852 WPBookit <= 1.0.6 - Unauthenticated Arbitrary File Upload via image_upload_handle Function — WPBookitCWE-434 9.8 Critical2025-07-24
CVE-2025-6057 WPBookit <= 1.0.4 - Authenticated (Subscriber+) Arbitrary File Upload — WPBookitCWE-434 8.8 High2025-07-12
CVE-2025-6058 WPBookit <= 1.0.4 - Unauthenticated Arbitrary File Upload — WPBookitCWE-434 9.8 Critical2025-07-12
CVE-2025-3810 WPBookit <= 1.0.2 - Insecure Direct Object Reference to Unauthenticated Privilege Escalation via Account Takeover — WPBookitCWE-639 9.8 Critical2025-05-09
CVE-2025-3811 WPBookit <= 1.0.2 - Insecure Direct Object Reference to Unauthenticated Privilege Escalation via Email Update — WPBookitCWE-639 9.8 Critical2025-05-09
CVE-2025-2519 Streamit <= 4.0.1 - Authenticated (Subscriber+) Arbitrary File Download — StreamitCWE-22 6.5 Medium2025-04-08
CVE-2025-2525 Streamit <= 4.0.1 - Authenticated (Subscriber+) Arbitrary File Upload — StreamitCWE-434 8.8 High2025-04-08
CVE-2025-2526 Streamit <= 4.0.2 - Authenticated (Subscriber+) Privilege Escalation via User Email Change/Account Takeover — StreamitCWE-639 8.8 High2025-04-08
CVE-2025-1572 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.7 - Authenticated (Doctor+) SQL Injection via 'u_id' Parameter — KiviCare – Clinic & Patient Management System (EHR)CWE-89 6.5 Medium2025-02-28
CVE-2024-13529 SocialV - Social Network and Community BuddyPress Theme <= 2.0.15 - Missing Authorization to Arbitrary File Download — SocialV - Social Network and Community BuddyPress ThemeCWE-862 6.5 Medium2025-02-04
CVE-2024-11729 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Authenticated (Subscriber+) SQL Injection — KiviCare – Clinic & Patient Management System (EHR)CWE-89 6.5 Medium2024-12-06
CVE-2024-11730 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Authenticated (Doctor/Receptionist+) SQL Injection — KiviCare – Clinic & Patient Management System (EHR)CWE-89 6.5 Medium2024-12-06
CVE-2024-11728 KiviCare – Clinic & Patient Management System (EHR) <= 3.6.4 - Unauthenticated SQL Injection — KiviCare – Clinic & Patient Management System (EHR)CWE-89 7.5 High2024-12-06
CVE-2024-4574 Graphina – Elementor Charts and Graphs <= 1.8.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — Graphina – Charts and Graphs For ElementorCWE-79 6.4 Medium2024-05-10

This page lists every published CVE security advisory associated with iqonicdesign. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.