Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Holest Engineering — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting Holest Engineering. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Holest Engineering develops industrial control systems and SCADA solutions for critical infrastructure. Their products have historically been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with six CVEs documented to date. Security researchers have identified authentication bypass flaws and insecure default configurations in their systems. While no major public security incidents have been reported, the consistent pattern of vulnerabilities in their web interfaces and communication protocols suggests potential exposure for deployed systems in high-risk environments. Their products typically require network segmentation and hardening to mitigate identified security weaknesses.

Top products by Holest Engineering: Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light Selling Commander for WooCommerce
CVE IDTitleCVSSSeverityPublished
CVE-2025-60243 WordPress Selling Commander for WooCommerce plugin <= 1.2.46 - Privilege Escalation vulnerability — Selling Commander for WooCommerceCWE-266 9.8 Critical2025-11-06
CVE-2025-48122 WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light plugin <= 2.4.37 - SQL Injection Vulnerability — Spreadsheet Price Changer for WooCommerce and WP E-commerce – LightCWE-89 9.3 Critical2025-06-09
CVE-2025-48123 WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light plugin <= 2.4.37 - Remote Code Execution (RCE) Vulnerability — Spreadsheet Price Changer for WooCommerce and WP E-commerce – LightCWE-94 10.0 Critical2025-06-09
CVE-2025-48124 WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light plugin <= 2.4.37 - Arbitrary File Download Vulnerability — Spreadsheet Price Changer for WooCommerce and WP E-commerce – LightCWE-22 7.5 High2025-06-09
CVE-2025-48129 WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light plugin <= 2.4.37 - Privilege Escalation Vulnerability — Spreadsheet Price Changer for WooCommerce and WP E-commerce – LightCWE-266 9.8 Critical2025-06-09
CVE-2025-39378 WordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light plugin <= 2.4.37 - Local File Inclusion vulnerability — Spreadsheet Price Changer for WooCommerce and WP E-commerce – LightCWE-98 7.5 High2025-04-24

This page lists every published CVE security advisory associated with Holest Engineering. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.