All 3 CVE vulnerabilities found in WPshop 2 – E-Commerce, with AI-generated Chinese analysis, references, and POCs.
Vendor: eoxia
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2015-10135 | WPshop 2 – E-Commerce < 1.3.9.6 - Arbitrary File Upload CWE-434 | 9.8 | Critical | 2025-07-19 |
| CVE-2025-3852 | WPshop 2 – E-Commerce 2.0.0 - 2.6.0 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover CWE-269 | 8.8 | High | 2025-05-07 |
| CVE-2025-3853 | WPshop 2 – E-Commerce 2.0.0 - 2.6.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Key Generation CWE-639 | 6.5 | Medium | 2025-05-07 |
All 3 known CVE vulnerabilities affecting WPshop 2 – E-Commerce with full Chinese analysis, references, and POCs where available.