Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WofficeIO — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting WofficeIO. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by WofficeIO:Woffice CoreWoffice
CVE IDTitleCVSSSeverityPublished
CVE-2025-67918 WordPress Woffice theme <= 5.4.30 - Cross Site Scripting (XSS) vulnerability — WofficeCWE-79 7.1 High2026-01-08
CVE-2025-67919 WordPress Woffice Core plugin <= 5.4.30 - Insecure Direct Object References (IDOR) vulnerability — Woffice CoreCWE-639 6.5 Medium2026-01-08
CVE-2025-67566 WordPress Woffice Core plugin <= 5.4.30 - Broken Access Control vulnerability — Woffice CoreCWE-862 5.3 Medium2025-12-09
CVE-2025-7694 Woffice Core <= 5.4.26 - Authenticated (Contributor+) Arbitrary File Deletion — Woffice CoreCWE-22 6.8 Medium2025-08-02
CVE-2025-2780 Woffice Core <= 5.4.21 - Authenticated (Subscriber+) Arbitrary File Upload — Woffice CoreCWE-434 8.8 High2025-04-04
CVE-2025-2797 Woffice Core <= 5.4.21 - Cross-Site Request Forgery to User Registration Approval — Woffice CoreCWE-352 5.4 Medium2025-04-04
CVE-2024-43234 WordPress Woffice theme <= 5.4.14 - Unauthenticated Account Takeover vulnerability — WofficeCWE-288 9.8 -2024-12-16
CVE-2024-37470 WordPress Woffice Core plugin <= 5.4.8 - Unauthenticated Broken Access Control vulnerability — Woffice CoreCWE-862 8.2 High2024-11-01
CVE-2024-43153 WordPress Woffice theme <= 5.4.10 - Unauthenticated Privilege Escalation vulnerability — WofficeCWE-266 9.8 Critical2024-08-13
CVE-2024-37471 WordPress Woffice Core plugin <= 5.4.8 - Site Wide Reflected Cross Site Scripting (XSS) vulnerability — Woffice Core 7.1 High2024-07-04
CVE-2024-37472 WordPress Woffice theme <= 5.4.8 - Reflected Cross Site Scripting (XSS) vulnerability — WofficeCWE-79 7.1 High2024-07-04

This page lists every published CVE security advisory associated with WofficeIO. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.