All 3 CVE vulnerabilities found in WPC Smart Messages for WooCommerce, with AI-generated Chinese analysis, references, and POCs.
Vendor: wpclever
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-62903 | WordPress WPC Smart Messages for WooCommerce plugin <= 4.2.8 - Cross Site Scripting (XSS) vulnerability CWE-79 | 6.5 | Medium | 2025-10-27 |
| CVE-2024-10436 | WPC Smart Messages for WooCommerce <= 4.2.1 - Authenticated (Subscriber+) Local File Inclusion CWE-98 | 8.8 | High | 2024-10-29 |
| CVE-2024-10437 | WPC Smart Messages for WooCommerce <= 4.2.1 - Missing Authorization to Authenticated (Subscriber+) Message Activation/Deactivation CWE-862 | 4.3 | Medium | 2024-10-29 |
All 3 known CVE vulnerabilities affecting WPC Smart Messages for WooCommerce with full Chinese analysis, references, and POCs where available.