Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

jackdewey — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting jackdewey. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by jackdewey:Community EventsLink LibraryBilingual LinkerTune LibraryEvents Listing Widget
CVE IDTitleCVSSSeverityPublished
CVE-2026-2429 Community Events <= 1.5.8 - Authenticated (Administrator+) SQL Injection via 'ce_venue_name' CSV Field — Community EventsCWE-89 4.9 Medium2026-03-07
CVE-2026-1649 Community Events <= 1.5.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'ce_venue_name' Parameter — Community EventsCWE-79 4.4 Medium2026-02-18
CVE-2026-1252 Events Listing Widget <= 1.3.4 - Authenticated (Author+) Stored Cross-Site Scripting via Event URL Field — Events Listing WidgetCWE-79 6.4 Medium2026-02-06
CVE-2026-1401 Tune Library <= 1.6.3 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting via CSV Import — Tune LibraryCWE-79 6.4 Medium2026-02-06
CVE-2025-14029 Community Events <= 1.5.6 - Missing Authorization to Unauthenticated Arbitrary Event Approval via 'eventlist' Parameter — Community EventsCWE-862 5.3 Medium2026-01-17
CVE-2025-12646 Community Events <= 1.5.4 - Unauthenticated SQL Injection — Community EventsCWE-89 7.5 High2025-11-19
CVE-2025-11995 Community Events <= 1.5.2 - Unauthenticated Stored Cross-Site Scripting — Community EventsCWE-79 7.2 High2025-11-01
CVE-2025-10586 Community Events <= 1.5.1 - Unauthenticated SQL Injection — Community EventsCWE-89 9.8 Critical2025-10-09
CVE-2025-10587 Community Events <= 1.5.1 - Unauthenticated SQL Injection — Community EventsCWE-89 9.8 Critical2025-10-08
CVE-2025-2889 Link Library <= 7.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Link Additional Parameters — Link LibraryCWE-79 6.4 Medium2025-04-04
CVE-2024-13441 Bilingual Linker <= 2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — Bilingual LinkerCWE-79 6.4 Medium2025-01-25
CVE-2024-13404 Link Library <= 7.7.2 - Reflected Cross-Site Scripting — Link LibraryCWE-79 6.1 Medium2025-01-21
CVE-2024-4281 Link Library <= 7.6.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via link-library Shortcode — Link LibraryCWE-79 6.4 Medium2024-05-08
CVE-2024-2325 Link Library <= 7.6.6 - Reflected Cross-Site Scripting — Link LibraryCWE-79 6.1 Medium2024-04-09
CVE-2024-1559 Link Library <= 7.6 - Unauthenticated Stored Cross-Site Scripting — Link LibraryCWE-79 6.5 Medium2024-02-20

This page lists every published CVE security advisory associated with jackdewey. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.