Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

WPFactory — Vulnerabilities & Security Advisories 47

Browse all 47 CVE security advisories affecting WPFactory. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products WPFactory:Wishlist for WooCommerceProducts, Order & Customers Export for WooCommerceEAN for WooCommerceAdvanced WooCommerce Product Sales ReportingAdditional Custom Product Tabs for WooCommerceHelpdesk Support Ticket System for WooCommerceProduct XML Feed Manager for WooCommerceFree Shipping Bar: Amount Left for Free Shipping for WooCommerceAdvertsBack Button WidgetCost of Goods for WooCommerceSitewide Discount for WooCommerce: Apply Discount to All ProductsMaximum Products per User for WooCommerceSlugs ManagerCRM ERP Business SolutionMin Max Step Quantity Limits Manager for WooCommerceCoupons & Add to Cart by URL Links for WooCommerceProduct Notes Tab & Private Admin Notes for WooCommerceEmail Verification for WooCommerceAdditional Custom Emails & Recipients for WooCommerceChange Add to Cart Button Text for WooCommerceAwesome ShortcodesCustom Checkout Fields for WooCommerceProduct Excel Import Export & Bulk Edit for WooCommerceMSRP (RRP) Pricing for WooCommerceCustom CSS, JS & PHPWPFactory HelperEU/UK VAT Manager for WooCommerceQuantity Dynamic Pricing & Bulk Discounts for WooCommerceScheduled & Automatic Order Status Controller for WooCommerce
CVE IDTitleCVSSSeverityPaused
CVE-2025-31848 WordPress WordPress Adverts Plugin plugin <= 1.4 - Broken Access Control vulnerability — AdvertsCWE-862 5.3 Medium2025-04-01
CVE-2025-31598 WordPress Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin <= 4.0.3 - Stored Cross Site Scripting (XSS) vulnerability — Quantity Dynamic Pricing & Bulk Discounts for WooCommerceCWE-79 6.5 Medium2025-03-31
CVE-2025-22673 WordPress EAN Barcode Generator <= 5.3.5 - Broken Access Control vulnerability — EAN for WooCommerceCWE-862 4.3 Medium2025-03-27
CVE-2025-30781 WordPress Scheduled & Automatic Order Status Controller for WooCommerce plugin <= 3.7.1 - Open Redirection Vulnerability — Scheduled &amp; Automatic Order Status Controller for WooCommerceCWE-601 4.7 Medium2025-03-27
CVE-2024-56228 WordPress Wishlist for WooCommerce: Multi Wishlists Per Customer plugin <= 3.1.2 - Reflected Cross Site Scripting (XSS) vulnerability — Wishlist for WooCommerceCWE-79 7.1 High2024-12-31
CVE-2024-54332 WordPress WP Currency Exchange Rates plugin <= 1.2.0 - CSRF to Stored XSS vulnerability — WP Currency Exchange RatesCWE-352 7.1 High2024-12-16
CVE-2023-23868 WordPress Cost of Goods for WooCommerce plugin <= 2.8.6 - Broken Access Control vulnerability — Cost of Goods for WooCommerceCWE-862 5.4 Medium2024-12-09
CVE-2024-54209 WordPress Awesome Shortcodes plugin <= 1.7.2 - Reflected Cross Site Scripting (XSS) vulnerability — Awesome ShortcodesCWE-79 7.1 High2024-12-06
CVE-2024-44061 WordPress EU/UK VAT Manager for WooCommerce plugin <= 2.12.14 - CSRF to Cross Site Scripting (XSS) vulnerability — EU/UK VAT Manager for WooCommerceCWE-79 7.1 High2024-10-20
CVE-2024-49305 WordPress Customer Email Verification for WooCommerce plugin <= 2.8.10 - SQL Injection vulnerability — Email Verification for WooCommerceCWE-89 9.3 Critical2024-10-17
CVE-2024-43127 WordPress Products, Order & Customers Export for WooCommerce plugin <= 2.0.11 - Reflected Cross Site Scripting (XSS) vulnerability — Products, Order & Customers Export for WooCommerceCWE-79 7.1 High2024-08-12
CVE-2024-31276 WordPress Products, Order & Customers Export for WooCommerce plugin <= 2.0.8 - Broken Access Control vulnerability — Products, Order & Customers Export for WooCommerceCWE-862 5.3 Medium2024-06-09
CVE-2024-34370 WordPress EAN for WooCommerce plugin <= 4.8.9 - Arbitrary Option Update to Privilege Escalation vulnerability — EAN for WooCommerceCWE-269 7.2 High2024-05-17
CVE-2024-30536 WordPress Slugs Manager plugin <= 2.6.7 - Cross Site Request Forgery (CSRF) vulnerability — Slugs ManagerCWE-352 4.3 Medium2024-03-31
CVE-2023-51399 WordPress Back Button Widget Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS) — Back Button WidgetCWE-79 6.5 Medium2023-12-29
CVE-2023-47547 WordPress Products, Order & Customers Export for WooCommerce Plugin <= 2.0.7 is vulnerable to Cross Site Scripting (XSS) — Products, Order & Customers Export for WooCommerceCWE-79 7.1 High2023-11-14
CVE-2023-36689 WordPress WPFactory Helper Plugin <= 1.5.2 is vulnerable to Cross Site Scripting (XSS) — WPFactory HelperCWE-79 7.1 High2023-08-05

This page lists every published CVE security advisory associated with WPFactory. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.