Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

wpcodefactory — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting wpcodefactory. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by wpcodefactory:Customer Email Verification for WooCommerceDownload Plugins and Themes in ZIP from DashboardEAN Barcode Generator for WooCommerce: UPC, ISBN & GTIN InventoryEU/UK VAT Validation Manager for WooCommerceCost of Goods: Product Cost & Profit Calculator for WooCommercePrice by Quantity & Bulk Quantity Discounts for WooCommerceExport Products, Orders & Customers for WooCommerceMaximum Products per User for WooCommercePDF Invoices & Packing Slips Generator for WooCommerceCustom CSS, JS & PHPAdditional Custom Order Status for WooCommerceWishlist for WooCommerce: Multi Wishlists Per CustomerStock History & Reports Manager for WooCommerceOrder Minimum/Maximum Amount Limits for WooCommerceWholeSale Products Dynamic Pricing Management WooCommerce
CVE IDTitleCVSSSeverityPublished
CVE-2026-4479 WholeSale Products Dynamic Pricing Management WooCommerce <= 1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings — WholeSale Products Dynamic Pricing Management WooCommerceCWE-79 4.4 Medium2026-04-14
CVE-2026-1381 Order Minimum/Maximum Amount Limits for WooCommerce <= 4.6.8 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via Hide Add to Cart Content Fields — Order Minimum/Maximum Amount Limits for WooCommerceCWE-79 4.4 Medium2026-01-28
CVE-2025-14399 Download Plugins and Themes from Dashboard <= 1.9.6 - Cross-Site Request Forgery to Bulk Plugin/Theme Archival — Download Plugins and Themes in ZIP from DashboardCWE-352 4.3 Medium2025-12-17
CVE-2025-10167 Stock History & Reports Manager for WooCommerce <= 2.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Stock History & Reports Manager for WooCommerceCWE-79 6.4 Medium2025-10-11
CVE-2024-13774 Wishlist for WooCommerce: Multi Wishlists Per Customer <= 3.1.7 - Cross-Site Request Forgery to Cross-Site Scriping via Wishlist Name — Wishlist for WooCommerce: Multi Wishlists Per CustomerCWE-352 6.1 Medium2025-03-08
CVE-2024-13525 Customer Email Verification for WooCommerce <= 2.9.4 - Authenticated (Contributor+) Sensitive Information Exposure — Customer Email Verification for WooCommerceCWE-200 6.5 Medium2025-02-15
CVE-2024-13528 Customer Email Verification for WooCommerce <= 2.9.5 - Authentication Bypass via Shortcode — Customer Email Verification for WooCommerceCWE-287 7.5 High2025-02-12
CVE-2024-11814 Additional Custom Order Status for WooCommerce <= 1.6.0 - Reflected Cross-Site Scripting — Additional Custom Order Status for WooCommerceCWE-79 6.1 Medium2024-12-04
CVE-2024-11330 Custom CSS, JS & PHP <= 2.3.0 - Reflected Cross-Site Scripting — Custom CSS, JS & PHPCWE-79 6.1 Medium2024-11-23
CVE-2024-11361 PDF Invoices & Packing Slips Generator for WooCommerce <= 2.2.1 - Reflected Cross-Site Scripting — PDF Invoices & Packing Slips Generator for WooCommerceCWE-79 6.1 Medium2024-11-23
CVE-2024-9232 Download Plugins and Themes in ZIP from Dashboard <= 1.9.1 - Reflected Cross-Site Scripting — Download Plugins and Themes in ZIP from DashboardCWE-79 6.1 Medium2024-10-11
CVE-2024-9377 Products, Order & Customers Export for WooCommerce <= 2.0.15 - Reflected Cross-Site Scripting — Export Products, Orders & Customers for WooCommerceCWE-79 6.1 Medium2024-10-10
CVE-2024-9205 Maximum Products per User for WooCommerce <= 4.2.8 - Reflected Cross-Site Scripting — Maximum Products per User for WooCommerceCWE-79 6.1 Medium2024-10-10
CVE-2024-9384 Quantity Dynamic Pricing & Bulk Discounts for WooCommerce <= 3.8.0 - Reflected Cross-Site Scripting — Price by Quantity & Bulk Quantity Discounts for WooCommerceCWE-79 6.1 Medium2024-10-04
CVE-2024-9189 EU/UK VAT Manager for WooCommerce <= 2.12.12 - Missing Authorization — EU/UK VAT Validation Manager for WooCommerceCWE-862 5.3 Medium2024-09-28
CVE-2024-8788 EU/UK VAT Manager for WooCommerce <= 2.12.12 - Reflected Cross-Site Scripting — EU/UK VAT Validation Manager for WooCommerceCWE-79 6.1 Medium2024-09-28
CVE-2024-7501 Download Plugins and Themes from Dashboard <= 1.8.7 - Cross-Site Request Forgery — Download Plugins and Themes in ZIP from DashboardCWE-352 4.2 Medium2024-08-16
CVE-2024-4185 Customer Email Verification for WooCommerce <= 2.7.4 - Email Verification and Authentication Bypass due to Insufficient Randomness — Customer Email Verification for WooCommerceCWE-330 8.1 High2024-04-30
CVE-2023-6897 EAN for WooCommerce <= 4.9.2 - Insecure Direct Object Reference to Sensitve Information Exposure via Shortcode — EAN Barcode Generator for WooCommerce: UPC, ISBN & GTIN InventoryCWE-639 4.3 Medium2024-04-18
CVE-2023-6892 EAN for WooCommerce <= 4.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via alg_wc_ean_product_meta Shortcode — EAN Barcode Generator for WooCommerce: UPC, ISBN & GTIN InventoryCWE-79 6.4 Medium2024-04-18
CVE-2024-0821 Cost of Goods Sold (COGS): Cost & Profit Calculator for WooCommerce <= 3.2.8 - Reflected Cross-Site Scripting — Cost of Goods: Product Cost & Profit Calculator for WooCommerceCWE-79 6.1 Medium2024-02-20

This page lists every published CVE security advisory associated with wpcodefactory. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.