All 3 CVE vulnerabilities found in WCFM Marketplace, with AI-generated Chinese analysis, references, and POCs.
Vendor: WC Lovers
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-63029 | WordPress WCFM Marketplace plugin <= 3.7.1 - SQL Injection vulnerability CWE-89 | 7.6 | High | 2026-04-15 |
| CVE-2025-64631 | WordPress WCFM Marketplace plugin <= 3.7.1 - Broken Access Control vulnerability CWE-862 | 4.9 | Medium | 2025-12-16 |
| CVE-2024-44009 | WordPress WCFM Marketplace <= 3.6.11 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79 | 7.1 | High | 2024-09-17 |
All 3 known CVE vulnerabilities affecting WCFM Marketplace with full Chinese analysis, references, and POCs where available.