All 3 CVE vulnerabilities found in PPOM – Product Addons & Custom Fields for WooCommerce, with AI-generated Chinese analysis, references, and POCs.
Vendor: themeisle
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-11691 | PPOM – Product Addons & Custom Fields for WooCommerce <= 33.0.15 - Unauthenticated SQL Injection CWE-89 | 7.5 | High | 2025-10-18 |
| CVE-2025-11391 | PPOM – Product Addons & Custom Fields for WooCommerce <= 33.0.15 - Unauthenticated Arbitrary File Upload CWE-434 | 9.8 | Critical | 2025-10-18 |
| CVE-2024-3962 | Product Addons & Fields for WooCommerce <= 32.0.18 - Unauthenticated Arbitrary File Upload via ppom_upload_file CWE-434 | 9.8 | Critical | 2024-04-26 |
All 3 known CVE vulnerabilities affecting PPOM – Product Addons & Custom Fields for WooCommerce with full Chinese analysis, references, and POCs where available.