Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

plainware — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting plainware. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products plainware:Locatoraid Store LocatorShiftController Employee Shift SchedulingPlainInventory
CVE IDTitleCVSSSeverityPaused
CVE-2025-62140 WordPress Locatoraid Store Locator plugin <= 3.9.68 - Cross Site Scripting (XSS) vulnerability — Locatoraid Store LocatorCWE-79 5.9 Medium2025-12-31
CVE-2025-32623 WordPress PlainInventory plugin <= 3.1.9 - CSRF to Stored XSS vulnerability — PlainInventoryCWE-352 7.1 High2025-04-09
CVE-2025-24557 WordPress PlainInventory plugin <= 3.1.5 - Reflected Cross Site Scripting (XSS) vulnerability — PlainInventoryCWE-79 7.1 High2025-02-03
CVE-2024-56283 WordPress Locatoraid Store Locator Plugin <= 3.9.50 - PHP Object Injection vulnerability — Locatoraid Store LocatorCWE-502 8.1 High2025-01-07
CVE-2024-56291 WordPress PlainInventory – Inventory Management Plugin Plugin <= 3.1.6 - PHP Object Injection vulnerability — PlainInventoryCWE-502 8.1 High2025-01-07
CVE-2024-9652 Locatoraid Store Locator <= 3.9.47 - Reflected Cross-Site Scripting — Locatoraid Store LocatorCWE-79 6.1 Medium2024-10-16
CVE-2024-44040 WordPress ShiftController Employee Shift Scheduling plugin <= 4.9.64 - Cross Site Scripting (XSS) vulnerability — ShiftController Employee Shift SchedulingCWE-79 5.9 Medium2024-10-06
CVE-2024-9435 ShiftController Employee Shift Scheduling <= 4.9.66 - Reflected Cross-Site Scripting — ShiftController Employee Shift SchedulingCWE-79 6.1 Medium2024-10-04
CVE-2024-4733 ShiftController Employee Shift Scheduling <= 4.9.57 - Authenticated (Contributor+) PHP Object Injection — ShiftController Employee Shift SchedulingCWE-502 7.5 High2024-05-16
CVE-2024-30181 WordPress Locatoraid Store Locator plugin <= 3.9.30 - Cross Site Scripting (XSS) vulnerability — Locatoraid Store LocatorCWE-79 5.9 Medium2024-03-27
CVE-2023-32576 WordPress Locatoraid Store Locator Plugin <= 3.9.18 is vulnerable to Cross Site Scripting (XSS) — Locatoraid Store LocatorCWE-79 6.5 Medium2023-08-25
CVE-2023-29424 WordPress ShiftController Employee Shift Scheduling Plugin <= 4.9.23 is vulnerable to Cross Site Scripting (XSS) — ShiftController Employee Shift SchedulingCWE-79 7.1 High2023-06-26
CVE-2023-2031 Locatoraid Store Locator <= 3.9.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Locatoraid Store LocatorCWE-79 5.4 Medium2023-06-09
CVE-2023-1978 ShiftController Employee Shift Scheduling <= 4.9.25 - Reflected Cross-Site Scripting via Query String — ShiftController Employee Shift SchedulingCWE-79 6.1 Medium2023-06-09
CVE-2023-25709 WordPress Locatoraid Store Locator Plugin <= 3.9.11 is vulnerable to Cross Site Request Forgery (CSRF) — Locatoraid Store LocatorCWE-352 5.4 Medium2023-03-15

This page lists every published CVE security advisory associated with plainware. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.