Artbees Jupiter X Core — known CVE vulnerabilities
Every CVE whose affected-product data names Artbees Jupiter X Core, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2023-38389 — CVSS 9.8 (critical): Incorrect Authorization vulnerability in Artbees JupiterX Core allows Accessing Functionality Not Properly Constrained by ACLs.This issue…
CVE-2024-7772 — CVSS 9.8 (critical): The Jupiter X Core plugin for WordPress is vulnerable to arbitrary file uploads due to a mishandled file type validation in the 'validate'…
CVE-2023-38388 — CVSS 9.0 (critical): Unrestricted Upload of File with Dangerous Type vulnerability in Artbees JupiterX Core.This issue affects JupiterX Core: from n/a through…
CVE-2025-0366 — CVSS 8.8 (high): The Jupiter X Core plugin for WordPress is vulnerable to Local File Inclusion to Remote Code Execution in all versions up to, and…
CVE-2023-38385 — CVSS 8.3 (high): Missing Authorization vulnerability in Artbees JupiterX Core allows Exploiting Incorrectly Configured Access Control Security Levels.This…
CVE-2025-2105 — CVSS 8.1 (high): The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.8.11 via…
CVE-2024-7781 — CVSS 8.1 (high): The Jupiter X Core plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4.7.5. This is due to…
CVE-2023-3813 — CVSS 7.5 (high): The Jupiter X Core plugin for WordPress is vulnerable to arbitrary file downloads in versions up to, and including, 4.6.6. This makes it…
CVE-2025-0365 — CVSS 6.5 (medium): The Jupiter X Core plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.8.7 via the inline SVG…
CVE-2025-3888 — CVSS 6.4 (medium): The Jupiter X Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File inclusion in all versions up to, and…
CVE-2022-1656 — CVSS 5.4 (medium): Vulnerable versions of the JupiterX Theme (<=2.0.6) allow any logged-in user, including subscriber-level users, to access any of the…
CVE-2023-38394 — CVSS 5.4 (medium): Missing Authorization vulnerability in Artbees JupiterX Core.This issue affects JupiterX Core: from 3.0.0 through 3.3.0.
CVE-2024-12316 — CVSS 5.3 (medium): The Jupiter X Core plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the…
CVE-2024-12033 — CVSS 4.3 (medium): The Jupiter X Core plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the sync_libraries()…