Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

wp-buy — Vulnerabilities & Security Advisories 23

Browse all 23 CVE security advisories affecting wp-buy. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products wp-buy:WP Content Copy Protection & No Right ClickWP Maintenance Mode & Site Under ConstructionVisitor Traffic Real Time StatisticsLogin as User or Customer (User Switching)SEO Redirection Plugin – 301 Redirect Manager (WordPress plugin)WP Content Copy Protection & No Right Click (WordPress plugin)404 Image Redirection (Replace Broken Images)wordpress related Posts with thumbnailsRelated Posts Widget with ThumbnailsLimit Login AttemptsVisitors Traffic Real Time StatisticsWP Popup Window MakerLimit Login Attempts (Spam Protection)Login Protection – Limit Failed Login AttemptsTree Sitemap (Pages, Posts & Categories list)WooCommerce Conditional Marketing MailerCaptchinoo, Google recaptcha for admin login page
CVE IDTitleCVSSSeverityPaused
CVE-2026-2936 Visitor Traffic Real Time Statistics <= 8.4 - Unauthenticated Stored Cross-Site Scripting — Visitor Traffic Real Time StatisticsCWE-79 7.2 High2026-04-04
CVE-2025-49284 WordPress WP Maintenance Mode & Site Under Construction plugin <= 4.3 - Cross Site Request Forgery (CSRF) Vulnerability — WP Maintenance Mode & Site Under ConstructionCWE-352 4.3 Medium2025-06-06
CVE-2025-32266 WordPress 404 Image Redirection (Replace Broken Images) plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability — 404 Image Redirection (Replace Broken Images)CWE-352 4.3 Medium2025-04-04
CVE-2025-31570 WordPress Related Posts Widget with Thumbnails plugin <= 1.2 - CSRF to Stored XSS vulnerability — Related Posts Widget with ThumbnailsCWE-352 7.1 High2025-03-31
CVE-2025-31569 WordPress wordpress related Posts with thumbnails plugin <= 3.0.0.1 - CSRF to Stored XSS vulnerability — wordpress related Posts with thumbnailsCWE-352 7.1 High2025-03-31
CVE-2023-47557 WordPress Visitor Traffic Real Time Statistics plugin <= 7.2 - Broken Access Control vulnerability — Visitors Traffic Real Time StatisticsCWE-862 4.3 -2025-01-02
CVE-2024-54234 WordPress Limit Login Attempts plugin <= 5.5 - SQL Injection vulnerability — Limit Login AttemptsCWE-89 9.3 Critical2024-12-13
CVE-2024-52421 WordPress WP Popup Window Maker plugin <= 2.0 - CSRF to Stored XSS vulnerability — WP Popup Window MakerCWE-352 7.1 High2024-11-19
CVE-2024-49306 WordPress WP Content Copy Protection & No Right Click plugin <= 3.5.9 - Cross Site Request Forgery (CSRF) vulnerability — WP Content Copy Protection & No Right ClickCWE-352 4.3 Medium2024-10-20
CVE-2022-4534 Limit Login Attempts (Spam Protection) <= 5.3 - IP Address Spoofing to Protection Mechanism Bypass — Limit Login Attempts (Spam Protection)CWE-348 5.3 Medium2024-10-08
CVE-2023-51484 WordPress Login as User or Customer plugin <= 3.8 - Unauthenticated Account Takeover vulnerability — Login as User or Customer (User Switching)CWE-266 9.8 Critical2024-04-25
CVE-2023-36678 WordPress WP Content Copy Protection & No Right Click Plugin <= 3.5.5 is vulnerable to Cross Site Scripting (XSS) — WP Content Copy Protection & No Right ClickCWE-79 5.9 Medium2023-08-05
CVE-2022-40695 WordPress SEO Redirection Plugin plugin <= 8.9 - Multiple Cross-Site Scripting (CSRF) vulnerabilities — SEO Redirection Plugin – 301 Redirect Manager (WordPress plugin)CWE-352 5.4 Medium2022-11-18
CVE-2022-38704 WordPress SEO Redirection plugin <= 8.9 - Cross-Site Request Forgery (CSRF) vulnerability — SEO Redirection Plugin – 301 Redirect Manager (WordPress plugin)CWE-352 5.4 Medium2022-09-23
CVE-2022-23983 WordPress WP Content Copy Protection & No Right Click plugin <= 3.4.4 - Cross-Site Request Forgery (CSRF) leads to Settings Update vulnerability — WP Content Copy Protection & No Right Click (WordPress plugin)CWE-352 4.3 Medium2022-02-21
CVE-2021-24195 Login as User or Customer (User Switching) < 1.9 - Arbitrary Plugin Installation/Activation via Low Privilege User — Login as User or Customer (User Switching)CWE-285 8.8 -2021-05-14
CVE-2021-24194 Login Protection - Limit Failed Login Attempts < 2.9 - Arbitrary Plugin Installation/Activation via Low Privilege User — Login Protection – Limit Failed Login AttemptsCWE-285 8.8 -2021-05-14
CVE-2021-24193 Visitor Traffic Real Time Statistics < 2.12 - Arbitrary Plugin Installation/Activation via Low Privilege User — Visitor Traffic Real Time StatisticsCWE-285 8.8 -2021-05-14
CVE-2021-24192 Tree Sitemap < 2.9 - Arbitrary Plugin Installation/Activation via Low Privilege User — Tree Sitemap (Pages, Posts & Categories list)CWE-285 8.8 -2021-05-14
CVE-2021-24191 WP Maintenance Mode & Site Under Construction < 1.8.2 - Arbitrary Plugin Installation/Activation via Low Privilege User — WP Maintenance Mode & Site Under ConstructionCWE-285 8.8 -2021-05-14
CVE-2021-24190 WooCommerce Conditional Marketing Mailer < 1.5.2 - Arbitrary Plugin Installation/Activation via Low Privilege User — WooCommerce Conditional Marketing MailerCWE-285 8.8 -2021-05-14
CVE-2021-24189 Captchinoo, Google recaptcha for admin login page < 2.4 - Arbitrary Plugin Installation/Activation via Low Privilege User — Captchinoo, Google recaptcha for admin login pageCWE-285 8.8 -2021-05-14
CVE-2021-24188 WP Content Copy Protection & No Right Click < 3.1.5 - Arbitrary Plugin Installation/Activation via Low Privilege User — WP Content Copy Protection & No Right ClickCWE-285 8.8 -2021-05-14

This page lists every published CVE security advisory associated with wp-buy. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.