Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

wpwax — Vulnerabilities & Security Advisories 37

Browse all 37 CVE security advisories affecting wpwax. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by wpwax:Directorist: AI-Powered Business Directory, Listings & Classified AdsDirectoristProduct Carousel Slider & Grid Ultimate for WooCommerceLegal PagesPost Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor WidgetTeam (WordPress plugin)Logo Showcase Ultimate – Logo Carousel, Logo Slider & Logo GridPost Grid, Slider & Carousel UltimateDirectorist – WordPress Business Directory Plugin with Classified Ads ListingsLegal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice GeneratorDirectorist AddonsKit for ElementorLogo Showcase UltimateLogo Carousel SliderHelpGentFormGent
CVE IDTitleCVSSSeverityPublished
CVE-2024-1322 Directorist <= 7.8.4 - Missing Authorization to Unauthenticated Settings Change — Directorist: AI-Powered Business Directory, Listings & Classified AdsCWE-862 5.3 Medium2024-02-20
CVE-2023-47824 WordPress Legal Pages Plugin <= 1.3.8 is vulnerable to Cross Site Request Forgery (CSRF) — Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice GeneratorCWE-352 5.4 Medium2023-11-22
CVE-2023-41798 WordPress Directorist Plugin <= 7.7.1 is vulnerable to CSV Injection — Directorist – WordPress Business Directory Plugin with Classified Ads ListingsCWE-1236 8.1 -2023-11-07
CVE-2023-1889 Directorist <= 7.5.4 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Post Deletion in listing_task — Directorist: AI-Powered Business Directory, Listings & Classified AdsCWE-639 6.5 Medium2023-06-09
CVE-2023-1888 Directorist <= 7.5.4 - Authenticated (Subscriber+) Arbitrary User Password Reset to Privilege Escalation — Directorist: AI-Powered Business Directory, Listings & Classified AdsCWE-20 8.8 High2023-06-09
CVE-2022-34650 WordPress Team plugin <= 1.2.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities — Team (WordPress plugin)CWE-79 4.1 Medium2022-07-22
CVE-2022-34853 WordPress Team plugin <= 1.2.6 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities — Team (WordPress plugin)CWE-79 4.1 Medium2022-07-22

This page lists every published CVE security advisory associated with wpwax. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.