Browse all 9 CVE security advisories affecting Dotstore. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Dotstore is an e-commerce platform enabling online retail operations with core functionality for product listings and payment processing. Historically, the platform has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its nine recorded CVEs. Security researchers have identified input validation weaknesses as a recurring problem, potentially allowing attackers to execute arbitrary code or manipulate user sessions. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests a need for rigorous input sanitization and secure coding practices to mitigate risks for merchants and customers alike.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-39671 | WordPress Extra Fees Plugin for WooCommerce plugin <= 4.3.3 - Cross Site Request Forgery (CSRF) vulnerability — Extra Fees Plugin for WooCommerceCWE-352 | 7.1 | High | 2026-04-08 |
This page lists every published CVE security advisory associated with Dotstore. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.