Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WPSwings — Vulnerabilities & Security Advisories 16

Browse all 16 CVE security advisories affecting WPSwings. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by WPSwings:Return Refund and Exchange For WooCommerceUltimate Gift Cards for WooCommerceWallet System for WooCommerce – Digital Wallet, Buy Now Pay Later (BNPL), Instant Cashback, Referral program, Partial & Subscription PaymentsWooCommerce Ultimate Gift CardOne Click Upsell Funnel for WoocommerceUpsell Funnel Builder for WooCommerce – Create Upsells, Cross-Sells, Order Bumps, Frequently Bought, and Popups.WooCommerce Ultimate Points And RewardsSubscriptions for WooCommerce
CVE IDTitleCVSSSeverityPublished
CVE-2026-1926 Subscriptions for WooCommerce <= 1.9.2 - Missing Authorization to Unauthenticated Arbitrary Subscription Cancellation — Subscriptions for WooCommerceCWE-862 5.3 Medium2026-03-18
CVE-2025-14450 Wallet System for WooCommerce <= 2.7.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Wallet Balance Manipulation — Wallet System for WooCommerce – Digital Wallet, Buy Now Pay Later (BNPL), Instant Cashback, Referral program, Partial & Subscription PaymentsCWE-862 6.5 Medium2026-01-17
CVE-2025-12881 Return Refund and Exchange For WooCommerce <= 4.5.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Order Message Read — Return Refund and Exchange For WooCommerceCWE-639 5.4 Medium2025-11-21
CVE-2025-12086 Return Refund and Exchange For WooCommerce <= 4.5.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Refund Request Cancellation — Return Refund and Exchange For WooCommerceCWE-639 4.3 Medium2025-11-21
CVE-2025-64267 WordPress WooCommerce Ultimate Points And Rewards plugin <= 2.10.2 - Sensitive Data Exposure vulnerability — WooCommerce Ultimate Points And RewardsCWE-497 4.3 Medium2025-11-13
CVE-2025-47569 WordPress WooCommerce Ultimate Gift Card plugin <= 2.9.6 - SQL Injection vulnerability — WooCommerce Ultimate Gift CardCWE-89 9.3 Critical2025-09-09
CVE-2025-5103 Ultimate Gift Cards for WooCommerce <= 3.1.4 - Authenticated (Administrator+) SQL Injection via wps_wgm_save_post Function — Ultimate Gift Cards for WooCommerceCWE-89 4.9 Medium2025-06-03
CVE-2025-3743 Upsell Funnel Builder for WooCommerce <= 3.0.0 - Unauthenticated Order Manipulation — Upsell Funnel Builder for WooCommerce – Create Upsells, Cross-Sells, Order Bumps, Frequently Bought, and Popups.CWE-472 5.3 Medium2025-04-25
CVE-2024-13724 Wallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction <= 2.6.2 - Missing Authorization — Wallet System for WooCommerce – Digital Wallet, Buy Now Pay Later (BNPL), Instant Cashback, Referral program, Partial & Subscription PaymentsCWE-285 4.3 Medium2025-03-04
CVE-2024-13682 Wallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction <= 2.6.2 - Cross-Site Request Forgery — Wallet System for WooCommerce – Digital Wallet, Buy Now Pay Later (BNPL), Instant Cashback, Referral program, Partial & Subscription PaymentsCWE-352 4.3 Medium2025-03-04
CVE-2024-13641 Return Refund and Exchange For WooCommerce <= 4.4.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory — Return Refund and Exchange For WooCommerceCWE-200 5.9 Medium2025-02-14
CVE-2024-13692 Return Refund and Exchange For WooCommerce <= 4.4.5 - Authenticated (Subscriber+) Insecure Direct Object Reference — Return Refund and Exchange For WooCommerceCWE-285 5.4 Medium2025-02-14
CVE-2024-11938 One Click Upsell Funnel for WooCommerce <= 3.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via wps_wocuf_pro_yes Shortcode — One Click Upsell Funnel for WoocommerceCWE-79 6.4 Medium2024-12-21
CVE-2024-53740 WordPress WooCommerce Ultimate Gift Card plugin < 2.9.1 - Reflected Cross Site Scripting (XSS) vulnerability — WooCommerce Ultimate Gift CardCWE-79 7.1 High2024-12-02
CVE-2024-1857 Ultimate Gift Cards for WooCommerce – Create, Redeem & Manage Digital Gift Certificates with Personalized Templates <= 2.6.6 - Missing Authorization to Unauthenticated Information Exposure — Ultimate Gift Cards for WooCommerceCWE-862 5.3 Medium2024-03-16
CVE-2021-4391 Ultimate Gift Cards for WooCommerce <= 2.1.1 - Cross-Site Request Forgery Bypass — Ultimate Gift Cards for WooCommerceCWE-352 4.3 Medium2023-07-01

This page lists every published CVE security advisory associated with WPSwings. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.