Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

stiofansisland — Vulnerabilities & Security Advisories 7

Browse all 7 CVE security advisories affecting stiofansisland. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by stiofansisland:UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP
CVE IDTitleCVSSSeverityPublished
CVE-2026-4979 UsersWP <= 1.2.58 - Authenticated (Subscriber+) Server-Side Request Forgery via 'uwp_crop' Parameter — UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WPCWE-918 5.0 Medium2026-04-11
CVE-2026-4977 UsersWP <= 1.2.58 - Authenticated (Subscriber+) Restricted Usermeta Modification via 'htmlvar' Parameter — UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WPCWE-862 4.3 Medium2026-04-10
CVE-2026-5742 UsersWP <= 1.2.60 - Authenticated (Subscriber+) Stored Cross-Site Scripting via User Badge Link Substitution — UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WPCWE-79 6.4 Medium2026-04-09
CVE-2025-10003 UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP <= 1.2.44 - Authenticated (Subscriber+) SQL Injection — UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WPCWE-89 6.5 Medium2025-09-06
CVE-2025-9344 UsersWP <= 1.2.42 - Authenticated (Contributor+) Stored Cross-Site Scripting — UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WPCWE-79 6.4 Medium2025-08-28
CVE-2024-6265 UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress <= 1.2.10 - Unauthenticated SQL Injection via 'uwp_sort_by' — UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WPCWE-89 9.8 Critical2024-06-29
CVE-2024-2423 UsersWP <= 1.2.6 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode — UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WPCWE-79 6.4 Medium2024-04-09

This page lists every published CVE security advisory associated with stiofansisland. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.