Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

totalsoft — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting totalsoft. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by totalsoft:Event Calendar – Calendar (WordPress plugin)TS Poll – Survey, Versus Poll, Image Poll, Video PollPortfolio GalleryVideo Gallery – YouTube Gallery, Vimeo, Video Portfolio, Image Portfolio and Image GalleryTS PollVideo Gallery – YouTube GalleryWooCommerce Pricing – Product Pricing
CVE IDTitleCVSSSeverityPublished
CVE-2026-25428 WordPress TS Poll plugin <= 2.5.5 - Server Side Request Forgery (SSRF) vulnerability — TS PollCWE-918 9.8AICriticalAI2026-02-19
CVE-2025-62098 WordPress Portfolio Gallery plugin <= 1.4.8 - Broken Access Control vulnerability — Portfolio GalleryCWE-862 5.4 Medium2025-12-31
CVE-2025-68588 WordPress TS Poll plugin <= 2.5.5 - Broken Access Control vulnerability — TS PollCWE-862 4.3 Medium2025-12-24
CVE-2025-3470 TS Poll – Survey, Versus Poll, Image Poll, Video Poll <= 2.4.6 - Authenticated (Administrator+) SQL Injection via 's' Parameter — TS Poll – Survey, Versus Poll, Image Poll, Video PollCWE-89 4.9 Medium2025-04-15
CVE-2025-22632 WordPress WooCommerce Pricing – Product Pricing plugin <= 1.0.9 - Cross Site Scripting (XSS) vulnerability — WooCommerce Pricing – Product PricingCWE-79 7.1 High2025-02-23
CVE-2023-32585 WordPress Portfolio Gallery – Responsive Image Gallery plugin <= 1.4.6 - Broken Access Control vulnerability — Portfolio GalleryCWE-862 7.5 High2024-12-13
CVE-2023-25988 WordPress Video Gallery – YouTube Gallery plugin <= 1.7.6 - Broken Access Control vulnerability — Video Gallery – YouTube GalleryCWE-862 7.5 High2024-12-13
CVE-2024-10247 YouTube Gallery and Vimeo Gallery Plugin <= 2.4.2 - Authenticated (Administrator+) SQL Injection — Video Gallery – YouTube Gallery, Vimeo, Video Portfolio, Image Portfolio and Image GalleryCWE-89 7.2 High2024-12-06
CVE-2024-9769 Video Gallery <= 2.4.1 - Authenticated (Administrator+) Stored Cross-Site Scripting — Video Gallery – YouTube Gallery, Vimeo, Video Portfolio, Image Portfolio and Image GalleryCWE-79 4.4 Medium2024-12-06
CVE-2024-9022 TS Poll – Survey, Versus Poll, Image Poll, Video Poll <= 2.4.0 - Authenticated (Administrator+) SQL Injection via orderby Parameter — TS Poll – Survey, Versus Poll, Image Poll, Video PollCWE-89 7.2 High2024-10-10
CVE-2022-36390 WordPress Event Calendar – Calendar plugin <= 1.4.6 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability — Event Calendar – Calendar (WordPress plugin)CWE-79 4.1 Medium2022-09-21
CVE-2022-38067 WordPress Event Calendar – Calendar plugin <= 1.4.6 - Unauthenticated Event Deletion vulnerability — Event Calendar – Calendar (WordPress plugin)CWE-264 6.5 Medium2022-09-09

This page lists every published CVE security advisory associated with totalsoft. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.