Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

webfactory — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting webfactory. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by webfactory:Login Lockdown & ProtectionWP ResetAdvanced Google reCAPTCHAUnder ConstructionMinimal Coming Soon – Coming Soon PageOrder Export for WooCommerceMaps Widget for Google MapsWordPress ChartsDatabase ResetEmail LogWP Force SSL & HTTPS SSL RedirectAiBud WP
CVE IDTitleCVSSSeverityPublished
CVE-2025-11707 Login Lockdown & Protection <= 2.14 - IP Block Bypass — Login Lockdown & ProtectionCWE-330 5.3 Medium2025-12-13
CVE-2025-10645 WP Reset <= 2.05 - Unauthenticated Sensitive Information Exposure via wf-licensing.log — WP ResetCWE-532 5.3 Medium2025-10-07
CVE-2025-23968 WordPress AiBud WP plugin <= 1.9 - Arbitrary File Upload vulnerability — AiBud WPCWE-434 9.1 Critical2025-07-03
CVE-2025-3766 Login Lockdown & Protection <= 2.11 - Missing Authorization to Authenticated (Subscriber+) Arbitrary IP Whitelisting — Login Lockdown & ProtectionCWE-862 5.4 Medium2025-05-07
CVE-2025-2074 Advanced Google reCAPTCHA <= 1.29 - Authenticated (Subscriber+) Limited SQL Injection via 'sSearch' Parameter — Advanced Google reCAPTCHACWE-89 5.3 Medium2025-03-28
CVE-2025-1262 Advanced Google reCaptcha <= 1.27 - Built-in Math CAPTCHA Bypass — Advanced Google reCAPTCHACWE-804 5.3 Medium2025-02-25
CVE-2024-13623 Order Export for WooCommerce <= 3.24 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory — Order Export for WooCommerceCWE-200 5.9 Medium2025-01-31
CVE-2024-12034 Advanced Google reCAPTCHA <= 1.25 - Brute Force Protection IP Unblock — Advanced Google reCAPTCHACWE-340 5.3 Medium2024-12-24
CVE-2024-43259 WordPress Order Export for WooCommerce plugin <= 3.23 - Sensitive Data Exposure vulnerability — Order Export for WooCommerceCWE-201 5.3 Medium2024-08-26
CVE-2024-5087 Minimal Coming Soon – Coming Soon Page <= 2.38 - Missing Authorization to Limited Settings Change — Minimal Coming Soon – Coming Soon PageCWE-862 6.3 Medium2024-06-08
CVE-2024-4661 WP Reset <= 2.02 - Missing Authorization to License Key Modification — WP ResetCWE-862 4.3 Medium2024-06-08
CVE-2024-5770 WP Force SSL & HTTPS SSL Redirect <= 1.66 - Missing Authorization to Settings Update — WP Force SSL & HTTPS SSL RedirectCWE-862 4.2 Medium2024-06-08
CVE-2024-0867 Email Log <= 2.4.8 - Unauthenticated Hook Injection — Email LogCWE-94 8.1 High2024-05-24
CVE-2023-6799 WP Reset <= 2.0 - Sensitive Information Exposure due to Insufficient Randomness — WP ResetCWE-330 5.9 Medium2024-04-09
CVE-2024-1501 Database Reset <= 3.22 - Cross-Site Request Forgery to WP Reset Plugin Installation — Database ResetCWE-352 4.7 Medium2024-02-21
CVE-2024-1340 Login Lockdown – Protect Login Form <= 2.08 - Missing Authorization — Login Lockdown & ProtectionCWE-862 5.4 Medium2024-02-20
CVE-2024-1075 Minimal Coming Soon – Coming Soon Page <= 2.37 - Unauthenticated Maintenance Mode Bypass — Minimal Coming Soon – Coming Soon PageCWE-639 3.7 Low2024-02-05
CVE-2023-5062 WordPress Charts <= 0.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — WordPress ChartsCWE-79 6.4 Medium2023-09-20
CVE-2023-0832 Under Construction <= 3.96 - Cross-Site Request Forgery via admin_action_install_weglot — Under ConstructionCWE-352 4.3 Medium2023-06-09
CVE-2023-0831 Under Construction <= 3.96 - Cross-Site Request Forgery via admin_action_ucp_dismiss_notice — Under ConstructionCWE-352 4.3 Medium2023-06-09
CVE-2023-1913 Maps Widget for Google Maps <= 4.24 - Authenticated (Administrator+) Stored Cross-Site Scripting — Maps Widget for Google MapsCWE-79 4.4 Medium2023-04-06

This page lists every published CVE security advisory associated with webfactory. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.