All 7 CVE vulnerabilities found in WooCommerce - Social Login, with AI-generated Chinese analysis, references, and POCs.
Vendor: WPWeb
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-10114 | Social Login - WordPress / WooCommerce Plugin <= 2.7.7 - Authentication Bypass via WordPress.com OAuth provider CWE-287 | 8.1 | High | 2024-11-05 |
| CVE-2024-7503 | WooCommerce - Social Login <= 2.7.5 - Authentication Bypass to Account Takeover CWE-288 | 9.8 | Critical | 2024-08-10 |
| CVE-2024-6636 | WooCommerce - Social Login <= 2.7.3 - Missing Authorization to Unauthenticated Privilege Escalation CWE-862 | 9.8 | Critical | 2024-07-20 |
| CVE-2024-6635 | WooCommerce - Social Login <= 2.7.3 - Unauthenticated Authentication Bypass CWE-288 | 7.3 | High | 2024-07-20 |
| CVE-2024-6637 | WooCommerce - Social Login <= 2.7.3 - Unauthenticated Privilege Escalation via One-Time Password CWE-305 | 7.3 | High | 2024-07-20 |
| CVE-2024-5871 | WooCommerce - Social Login <= 2.6.2 - Unauthenticated PHP Object Injection CWE-502 | 9.8 | Critical | 2024-06-15 |
| CVE-2024-5868 | WooCommerce - Social Login <= 2.6.2 - Email Verification due to Insufficient Randomness CWE-330 | 6.5 | Medium | 2024-06-15 |
All 7 known CVE vulnerabilities affecting WooCommerce - Social Login with full Chinese analysis, references, and POCs where available.