Browse all 3 CVE security advisories affecting AazzTech. AI-powered Chinese analysis, POCs, and references for each vulnerability.
AazzTech develops enterprise software solutions for supply chain management, with three publicly disclosed CVEs to date. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls. While no major security incidents have been publicly documented, their consistent vulnerability pattern suggests a need for enhanced security testing protocols. The company's codebase appears to prioritize functionality over security hardening, resulting in recurring flaws that could allow attackers to compromise systems or escalate privileges within their environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-22578 | WordPress WP Cookie plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability — WP CookieCWE-79 | 5.9 | Medium | 2025-01-07 |
| CVE-2022-40975 | WordPress Post Slider plugin <= 1.6.7 - Broken Access Control vulnerability — Post SliderCWE-862 | 5.4 | Medium | 2024-04-26 |
| CVE-2023-47755 | WordPress WooCommerce Product Carousel Slider Plugin <= 3.3.5 is vulnerable to Cross Site Scripting (XSS) — WooCommerce Product Carousel SliderCWE-79 | 6.5 | Medium | 2023-11-22 |
This page lists every published CVE security advisory associated with AazzTech. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.