Wow-Company 厂商漏洞列表 / CVE 中文分析 28

Wow-Company 厂商相关 28 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

Wow-Company 是一家专注于企业级数据管理与分析解决方案的提供商。其产品线历史上多次被披露存在远程代码执行（RCE）及身份验证绕过等高危漏洞，累计收录 26 条 CVE。这些缺陷多源于对输入验证处理不当及权限控制逻辑缺陷。近期安全更新重点强化了 API 接口的访问控制机制，以应对日益复杂的自动化攻击趋势，建议用户及时升级至最新稳定版本以修复已知风险。

CVEs 28

CVE ID	标题	CVSS	风险等级	Published
CVE-2017-20245	WordPress plugin Wow Viral Signups SQL注入漏洞 — Wow Viral SignupsCWE-89	8.2	High	2026-06-09
CVE-2017-20244	WordPress plugin Wow Forms SQL注入漏洞 — Wow FormsCWE-89	8.2	High	2026-06-09
CVE-2025-53258	WordPress plugin Hover Effects SQL注入漏洞 — Hover EffectsCWE-89	7.6	High	2025-06-27
CVE-2025-30912	WordPress plugin Float menu 跨站请求伪造漏洞 — Float menuCWE-352	5.4	Medium	2025-03-27
CVE-2025-26760	WordPress plugin Calculator Builder 安全漏洞 — Calculator BuilderCWE-98	7.5	High	2025-02-22
CVE-2025-24699	WordPress plugin WP Coder 跨站请求伪造漏洞 — WP CoderCWE-352	7.1	High	2025-02-14
CVE-2025-24724	WordPress plugin Side Menu Lite 跨站请求伪造漏洞 — Side Menu LiteCWE-352	5.4	Medium	2025-01-24
CVE-2025-24716	WordPress plugin Herd Effects 跨站请求伪造漏洞 — Herd EffectsCWE-352	5.4	Medium	2025-01-24
CVE-2025-24717	WordPress plugin Modal Window 跨站请求伪造漏洞 — Modal WindowCWE-352	5.4	Medium	2025-01-24
CVE-2025-24715	WordPress plugin Counter Box 跨站请求伪造漏洞 — Counter BoxCWE-352	5.4	Medium	2025-01-24
CVE-2025-24713	WordPress plugin Button Generator – easily Button Builder 跨站请求伪造漏洞 — Button Generator – easily Button BuilderCWE-352	5.4	Medium	2025-01-24
CVE-2025-24720	WordPress plugin Sticky Buttons 跨站请求伪造漏洞 — Sticky ButtonsCWE-352	5.4	Medium	2025-01-24
CVE-2025-24714	WordPress plugin Bubble Menu – circle floating menu 跨站请求伪造漏洞 — Bubble Menu – circle floating menuCWE-352	5.4	Medium	2025-01-24
CVE-2025-24711	WordPress plugin Popup Box 跨站请求伪造漏洞 — Popup BoxCWE-352	5.4	Medium	2025-01-24
CVE-2023-49154	WordPress plugin Button Generator 安全漏洞 — Button Generator – easily Button BuilderCWE-862	5.3	Medium	2024-12-09
CVE-2024-43346	WordPress plugin Modal Window 安全漏洞 — Modal WindowCWE-79	6.5	Medium	2024-08-18
CVE-2024-35634	WordPress plugin Woocommerce – Recent Purchases 路径遍历漏洞 — Woocommerce – Recent PurchasesCWE-22	4.9	Medium	2024-06-04
CVE-2024-35629	WordPress plugin Easy Digital Downloads – Recent Purchases 安全漏洞 — Easy Digital Downloads – Recent PurchasesCWE-98	9.6	Critical	2024-06-04
CVE-2023-52149	WordPress Plugin Floating Button 跨站请求伪造漏洞 — Floating ButtonCWE-352	5.4	Medium	2024-01-05
CVE-2023-49155	WordPress Plugin Button Generator 跨站请求伪造漏洞 — Button Generator – easily Button BuilderCWE-352	4.3	Medium	2023-12-18
CVE-2023-27418	WordPress Plugin Side Menu Lite 跨站请求伪造漏洞 — Side Menu Lite – add sticky fixed buttonsCWE-352	4.3	Medium	2023-11-12
CVE-2023-25443	WordPress Plugin Button Generator – easily Button Builder 跨站请求伪造漏洞 — Button Generator – easily Button BuilderCWE-352	4.3	Medium	2023-07-11
CVE-2023-27452	WordPress plugin Button Generator – easily Button Builder 跨站脚本漏洞 — Button Generator – easily Button BuilderCWE-79	5.9	Medium	2023-06-22
CVE-2023-23984	WordPress Plugin Wow-Company Bubble Menu – circle floating menu 跨站请求伪造漏洞 — Bubble Menu – circle floating menuCWE-352	5.4	Medium	2023-03-01
CVE-2022-29447	WordPress plugin Hover Effects 安全漏洞 — Hover Effects – easily create any hover effect (WordPress plugin)	6.8	Medium	2022-05-20
CVE-2022-29448	WordPress plugin Herd Effects 安全漏洞 — Herd Effects (WordPress plugin)	6.8	Medium	2022-05-20
CVE-2022-29446	WordPress plugin Counter Box 安全漏洞 — Counter Box (WordPress)	6.8	Medium	2022-05-19
CVE-2022-29445	WordPress plugin Popup Box 安全漏洞 — Popup Box (WordPress plugin)	6.8	Medium	2022-05-18

本页汇总了 Wow-Company 厂商截至目前公开的全部 28 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目标达成 感谢每一位支持者 — 我们达成了 100% 目标！

Wow-Company 厂商漏洞列表 / CVE 中文分析 28

目标达成感谢每一位支持者 — 我们达成了 100% 目标！