Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

wpweb — Vulnerabilities & Security Advisories 25

Browse all 25 CVE security advisories affecting wpweb. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products wpweb:Social Auto PosterWooCommerce - Social LoginWooCommerce PDF VouchersWooCommerce Social LoginFollow My Blog PostWooCommerce - PDF VouchersDocket (WooCommerce Collections / Wishlist / Watchlist)
CVE IDTitleCVSSSeverityPaused
CVE-2025-68547 WordPress Follow My Blog Post plugin <= 2.4.0 - Arbitrary Content Deletion vulnerability — Follow My Blog PostCWE-862 7.5 High2026-01-05
CVE-2025-64258 WordPress Follow My Blog Post plugin <= 2.3.9 - Sensitive Data Exposure vulnerability — Follow My Blog PostCWE-497 6.5AIMediumAI2025-12-18
CVE-2025-39472 WordPress WooCommerce Social Login plugin < 2.8.3 - Cross Site Request Forgery (CSRF) vulnerability — WooCommerce Social LoginCWE-352 4.3 Medium2025-04-16
CVE-2024-56265 WordPress WooCommerce - PDF Vouchers plugin < 4.9.9 - Cross Site Scripting (XSS) vulnerability — WooCommerce PDF VouchersCWE-79 7.1 High2024-12-31
CVE-2024-54383 WordPress WooCommerce - PDF Vouchers plugin < 4.9.9 - Broken Authentication vulnerability — WooCommerce PDF VouchersCWE-266 9.8 Critical2024-12-18
CVE-2024-10114 Social Login - WordPress / WooCommerce Plugin <= 2.7.7 - Authentication Bypass via WordPress.com OAuth provider — WooCommerce - Social LoginCWE-287 8.1 High2024-11-05
CVE-2024-49272 WordPress Social Auto Poster plugin <= 5.3.15 - Cross Site Request Forgery (CSRF) vulnerability — Social Auto PosterCWE-352 4.3 Medium2024-10-20
CVE-2024-47369 WordPress Social Auto Poster plugin <= 5.3.15 - Reflected Cross Site Scripting (XSS) vulnerability — Social Auto PosterCWE-79 7.1 High2024-10-05
CVE-2024-43131 WordPress Docket (WooCommerce Collections / Wishlist / Watchlist) plugin < 1.7.0 - Unauthenticated Arbitrary Post/Page Deletion vulnerability — Docket (WooCommerce Collections / Wishlist / Watchlist)CWE-863 7.5 High2024-08-13
CVE-2024-39651 WordPress WooCommerce PDF Vouchers plugin < 4.9.5 - Unauthenticated Arbitrary File Deletion vulnerability — WooCommerce PDF VouchersCWE-22 8.6 High2024-08-13
CVE-2024-7503 WooCommerce - Social Login <= 2.7.5 - Authentication Bypass to Account Takeover — WooCommerce - Social LoginCWE-288 9.8 Critical2024-08-10
CVE-2024-6755 Social Auto Poster <= 5.3.14 - Missing Authorization to Unauthenticated Arbitrary Post Deletion — Social Auto PosterCWE-862 6.5 Medium2024-07-24
CVE-2024-6754 Social Auto Poster <= 5.3.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Update via wpw_auto_poster_update_tweet_template — Social Auto PosterCWE-862 5.4 Medium2024-07-24
CVE-2024-7027 WooCommerce - PDF Vouchers <= 4.9.3 - Authentication Bypass to Voucher Vendor — WooCommerce - PDF VouchersCWE-288 7.3 High2024-07-24
CVE-2024-6751 Social Auto Poster <= 5.3.14 - Cross-Site Request Forgery via Multiple Functions — Social Auto PosterCWE-352 6.3 Medium2024-07-24
CVE-2024-6753 Social Auto Poster <= 5.3.14 - Unauthenticated Stored Cross-Site Scripting — Social Auto PosterCWE-79 7.2 High2024-07-24
CVE-2024-6752 Social Auto Poster <= 5.3.14 - Authenticated (Subscriber+) Stored Cross-Site Scripting — Social Auto PosterCWE-79 6.4 Medium2024-07-24
CVE-2024-6750 Social Auto Poster <= 5.3.14 - Missing Authorization via Multiple Functions — Social Auto PosterCWE-862 7.3 High2024-07-24
CVE-2024-6756 Social Auto Poster <= 5.3.14 - Authenticated (Contributor+) Arbitrary File Upload — Social Auto PosterCWE-434 8.8 High2024-07-24
CVE-2024-6636 WooCommerce - Social Login <= 2.7.3 - Missing Authorization to Unauthenticated Privilege Escalation — WooCommerce - Social LoginCWE-862 9.8 Critical2024-07-20
CVE-2024-6635 WooCommerce - Social Login <= 2.7.3 - Unauthenticated Authentication Bypass — WooCommerce - Social LoginCWE-288 7.3 High2024-07-20
CVE-2024-6637 WooCommerce - Social Login <= 2.7.3 - Unauthenticated Privilege Escalation via One-Time Password — WooCommerce - Social LoginCWE-305 7.3 High2024-07-20
CVE-2024-37502 WordPress Social Login plugin <= 2.6.3 - PHP Object Injection vulnerability — WooCommerce Social LoginCWE-502 5.4 Medium2024-07-09
CVE-2024-5871 WooCommerce - Social Login <= 2.6.2 - Unauthenticated PHP Object Injection — WooCommerce - Social LoginCWE-502 9.8 Critical2024-06-15
CVE-2024-5868 WooCommerce - Social Login <= 2.6.2 - Email Verification due to Insufficient Randomness — WooCommerce - Social LoginCWE-330 6.5 Medium2024-06-15

This page lists every published CVE security advisory associated with wpweb. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.