All 4 CVE vulnerabilities found in Woffice, with AI-generated Chinese analysis, references, and POCs.
Vendor: WofficeIO
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-67918 | WordPress Woffice theme <= 5.4.30 - Cross Site Scripting (XSS) vulnerability CWE-79 | 7.1 | High | 2026-01-08 |
| CVE-2024-43234 | WordPress Woffice theme <= 5.4.14 - Unauthenticated Account Takeover vulnerability CWE-288 | 9.8 | - | 2024-12-16 |
| CVE-2024-43153 | WordPress Woffice theme <= 5.4.10 - Unauthenticated Privilege Escalation vulnerability CWE-266 | 9.8 | Critical | 2024-08-13 |
| CVE-2024-37472 | WordPress Woffice theme <= 5.4.8 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79 | 7.1 | High | 2024-07-04 |
All 4 known CVE vulnerabilities affecting Woffice with full Chinese analysis, references, and POCs where available.