Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

WPFactory — Vulnerabilities & Security Advisories 47

Browse all 47 CVE security advisories affecting WPFactory. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products WPFactory:Wishlist for WooCommerceProducts, Order & Customers Export for WooCommerceEAN for WooCommerceAdvanced WooCommerce Product Sales ReportingAdditional Custom Product Tabs for WooCommerceHelpdesk Support Ticket System for WooCommerceProduct XML Feed Manager for WooCommerceFree Shipping Bar: Amount Left for Free Shipping for WooCommerceAdvertsBack Button WidgetCost of Goods for WooCommerceSitewide Discount for WooCommerce: Apply Discount to All ProductsMaximum Products per User for WooCommerceSlugs ManagerCRM ERP Business SolutionMin Max Step Quantity Limits Manager for WooCommerceCoupons & Add to Cart by URL Links for WooCommerceProduct Notes Tab & Private Admin Notes for WooCommerceEmail Verification for WooCommerceAdditional Custom Emails & Recipients for WooCommerceChange Add to Cart Button Text for WooCommerceAwesome ShortcodesCustom Checkout Fields for WooCommerceProduct Excel Import Export & Bulk Edit for WooCommerceMSRP (RRP) Pricing for WooCommerceCustom CSS, JS & PHPWPFactory HelperEU/UK VAT Manager for WooCommerceQuantity Dynamic Pricing & Bulk Discounts for WooCommerceScheduled & Automatic Order Status Controller for WooCommerce
CVE IDTitleCVSSSeverityPaused
CVE-2026-24993 WordPress Advanced WooCommerce Product Sales Reporting plugin <= 4.1.3 - SQL Injection vulnerability — Advanced WooCommerce Product Sales ReportingCWE-89 9.3 Critical2026-03-25
CVE-2026-23977 WordPress Helpdesk Support Ticket System for WooCommerce plugin <= 2.1.2 - Broken Access Control vulnerability — Helpdesk Support Ticket System for WooCommerceCWE-862 7.5 High2026-03-25
CVE-2026-24992 WordPress Advanced WooCommerce Product Sales Reporting plugin <= 4.1.2 - Sensitive Data Exposure vulnerability — Advanced WooCommerce Product Sales ReportingCWE-201 7.5AIHighAI2026-02-03
CVE-2025-69334 WordPress Wishlist for WooCommerce plugin <= 3.3.0 - Cross Site Scripting (XSS) vulnerability — Wishlist for WooCommerceCWE-79 5.4 -2026-01-06
CVE-2025-62096 WordPress Maximum Products per User for WooCommerce plugin <= 4.4.3 - Cross Site Scripting (XSS) vulnerability — Maximum Products per User for WooCommerceCWE-79 6.5 Medium2025-12-31
CVE-2025-68528 WordPress Free Shipping Bar: Amount Left for Free Shipping for WooCommerce plugin <= 2.4.9 - Cross Site Scripting (XSS) vulnerability — Free Shipping Bar: Amount Left for Free Shipping for WooCommerceCWE-79 6.5 Medium2025-12-24
CVE-2025-57911 WordPress Adverts Plugin <= 1.4 - Cross Site Scripting (XSS) Vulnerability — AdvertsCWE-79 6.5 Medium2025-09-22
CVE-2025-57972 WordPress Helpdesk Support Ticket System for WooCommerce plugin <= 2.1.1 - Broken Access Control vulnerability — Helpdesk Support Ticket System for WooCommerceCWE-862 4.3 Medium2025-09-22
CVE-2025-58985 WordPress Additional Custom Product Tabs for WooCommerce Plugin <= 1.7.3 - Cross Site Scripting (XSS) Vulnerability — Additional Custom Product Tabs for WooCommerceCWE-79 6.5 Medium2025-09-09
CVE-2025-49887 WordPress Product XML Feed Manager for WooCommerce Plugin <= 2.9.3 - Remote Code Execution (RCE) Vulnerability — Product XML Feed Manager for WooCommerceCWE-94 9.9 Critical2025-08-14
CVE-2025-30959 WordPress Product XML Feed Manager for WooCommerce <= 2.9.2 - Broken Access Control Vulnerability — Product XML Feed Manager for WooCommerceCWE-862 6.5 Medium2025-07-16
CVE-2025-49319 WordPress Wishlist for WooCommerce <= 3.2.3 - Broken Access Control Vulnerability — Wishlist for WooCommerceCWE-862 6.5 Medium2025-07-16
CVE-2025-49987 WordPress CRM ERP Business Solution plugin <= 1.13 - Broken Access Control Vulnerability — CRM ERP Business SolutionCWE-862 5.3 Medium2025-06-20
CVE-2025-49510 WordPress Min Max Step Quantity Limits Manager for WooCommerce plugin <= 5.1.0 - Cross Site Request Forgery (CSRF) vulnerability — Min Max Step Quantity Limits Manager for WooCommerceCWE-352 4.3 Medium2025-06-10
CVE-2025-48254 WordPress Change Add to Cart Button Text for WooCommerce plugin <= 2.2.2 - Cross Site Scripting (XSS) Vulnerability — Change Add to Cart Button Text for WooCommerceCWE-79 6.5 Medium2025-05-19
CVE-2025-48253 WordPress Free Shipping Bar: Amount Left for Free Shipping for WooCommerce plugin <= 2.4.6 - Cross Site Scripting (XSS) Vulnerability — Free Shipping Bar: Amount Left for Free Shipping for WooCommerceCWE-79 6.5 Medium2025-05-19
CVE-2025-48252 WordPress Back Button Widget plugin <= 1.6.8 - Cross Site Scripting (XSS) Vulnerability — Back Button WidgetCWE-79 6.5 Medium2025-05-19
CVE-2025-48250 WordPress Coupons & Add to Cart by URL Links for WooCommerce plugin <= 1.7.7 - Cross Site Scripting (XSS) Vulnerability — Coupons &amp; Add to Cart by URL Links for WooCommerceCWE-79 6.5 Medium2025-05-19
CVE-2025-48251 WordPress Additional Custom Emails & Recipients for WooCommerce plugin <= 3.5.1 - Cross Site Scripting (XSS) Vulnerability — Additional Custom Emails &amp; Recipients for WooCommerceCWE-79 6.5 Medium2025-05-19
CVE-2025-48248 WordPress Sitewide Discount for WooCommerce: Apply Discount to All Products plugin <= 2.2.1 - Cross Site Scripting (XSS) Vulnerability — Sitewide Discount for WooCommerce: Apply Discount to All ProductsCWE-79 6.5 Medium2025-05-19
CVE-2025-48249 WordPress EAN for WooCommerce plugin <= 5.4.6 - Cross Site Scripting (XSS) Vulnerability — EAN for WooCommerceCWE-79 6.5 Medium2025-05-19
CVE-2025-48240 WordPress Cost of Goods for WooCommerce plugin <= 3.7.0 - Cross Site Scripting (XSS) Vulnerability — Cost of Goods for WooCommerceCWE-79 6.5 Medium2025-05-19
CVE-2025-48239 WordPress Product Notes Tab & Private Admin Notes for WooCommerce plugin <= 3.1.0 - Cross Site Scripting (XSS) Vulnerability — Product Notes Tab & Private Admin Notes for WooCommerceCWE-79 6.5 Medium2025-05-19
CVE-2025-48237 WordPress Wishlist for WooCommerce plugin <= 3.2.2 - Cross Site Scripting (XSS) Vulnerability — Wishlist for WooCommerceCWE-79 6.5 Medium2025-05-19
CVE-2025-47504 WordPress Custom Checkout Fields for WooCommerce plugin <= 1.8.3 - Cross Site Scripting (XSS) Vulnerability — Custom Checkout Fields for WooCommerceCWE-79 6.5 Medium2025-05-07
CVE-2025-32552 WordPress MSRP (RRP) Pricing for WooCommerce Plugin <= 1.8.1 - Reflected Cross Site Scripting (XSS) vulnerability — MSRP (RRP) Pricing for WooCommerceCWE-79 7.1 High2025-04-17
CVE-2025-32674 WordPress Product Excel Import Export & Bulk Edit for WooCommerce plugin <= 4.7 - Cross Site Scripting (XSS) Vulnerability — Product Excel Import Export & Bulk Edit for WooCommerceCWE-79 7.1 High2025-04-17
CVE-2025-39601 WordPress Custom CSS, JS & PHP plugin <= 2.4.1 - CSRF to RCE vulnerability — Custom CSS, JS & PHPCWE-352 9.6 Critical2025-04-16
CVE-2025-26749 WordPress Additional Custom Product Tabs for WooCommerce plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability — Additional Custom Product Tabs for WooCommerceCWE-79 6.5 Medium2025-04-15
CVE-2025-31553 WordPress Advanced WooCommerce Product Sales Reporting plugin <= 4.1.1 - SQL Injection vulnerability — Advanced WooCommerce Product Sales ReportingCWE-89 9.3 Critical2025-04-01

This page lists every published CVE security advisory associated with WPFactory. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.