CartFlows Pro — Vulnerabilities & Security Advisories 2

All 2 CVE vulnerabilities found in CartFlows Pro, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-36685	WordPress CartFlows Pro Plugin <= 1.11.12 is vulnerable to Cross Site Request Forgery (CSRF) CWE-352	4.3	Medium	2023-11-30
CVE-2023-36686	WordPress CartFlows Pro Plugin <= 1.11.11 is vulnerable to Cross Site Scripting (XSS) CWE-79	7.1	High	2023-08-05

All 2 known CVE vulnerabilities affecting CartFlows Pro with full Chinese analysis, references, and POCs where available.