Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

xootix — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting xootix. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by xootix:Waitlist Woocommerce ( Back in stock notifier )Login/Signup PopupSide Cart Woocommerce (Ajax)Login & Register Customizer – Popup | Slider | Inline | WooCommerceOTP Login & Register WoocommerceLogin/Signup Popup ( Inline Form + Woocommerce )
CVE IDTitleCVSSSeverityPublished
CVE-2025-50027 WordPress Login/Signup Popup plugin <= 2.9.4 - Cross Site Scripting (XSS) Vulnerability — Login/Signup PopupCWE-79 5.9 Medium2025-06-20
CVE-2025-1064 Login/Signup Popup ( Inline Form + Woocommerce ) <= 2.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via xoo_el_action Shortcode — Login & Register Customizer – Popup | Slider | Inline | WooCommerceCWE-79 6.4 Medium2025-02-20
CVE-2024-43134 WordPress Waitlist Woocommerce plugin <= 2.6 - Broken Access Control vulnerability — Waitlist Woocommerce ( Back in stock notifier )CWE-862 4.3 Medium2024-11-01
CVE-2024-8724 Waitlist Woocommerce ( Back in stock notifier ) <= 2.7.5 - Reflected Cross-Site Scripting — Waitlist Woocommerce ( Back in stock notifier )CWE-79 6.1 Medium2024-09-14
CVE-2024-5665 Login/Signup Popup ( Inline Form + Woocommerce ) 2.7.1 - 2.7.2 - Missing Authorization to Arbitrary Options Exposure — Login/Signup Popup ( Inline Form + Woocommerce ) 4.3 Medium2024-06-06
CVE-2024-5324 XootiX Framework <= Various Plugin Versions - Missing Authorization to Arbitrary Options Update — Waitlist Woocommerce ( Back in stock notifier )CWE-862 8.8 High2024-06-06
CVE-2023-28415 WordPress Side Cart Woocommerce (Ajax) Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS) — Side Cart Woocommerce (Ajax)CWE-79 5.9 Medium2023-08-30
CVE-2020-36715 Login/Signup Popup < 1.5 - Missing Authorization — Login & Register Customizer – Popup | Slider | Inline | WooCommerceCWE-862 7.4 High2023-06-07
CVE-2022-45376 WordPress Side Cart Woocommerce (Ajax) Plugin < 2.1 is vulnerable to Cross Site Request Forgery (CSRF) — Side Cart Woocommerce (Ajax)CWE-352 4.3 Medium2023-05-22
CVE-2023-2706 OTP Login Woocommerce & Gravity Forms <= 2.2 - Authentication Bypass to Privilege Escalation — OTP Login & Register WoocommerceCWE-287 8.1 High2023-05-17
CVE-2022-0215 XootiX Plugins <= Various Versions Cross-Site Request Forgery to Arbitrary Options Update — Login/Signup PopupCWE-352 8.8 High2022-01-18

This page lists every published CVE security advisory associated with xootix. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.