Browse all 5 CVE security advisories affecting ProWCPlugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ProWCPlugins develops WordPress plugins for enhancing website functionality, with a history of security vulnerabilities including remote code execution, cross-site scripting, and privilege escalation. The company's plugins have accumulated five CVEs, reflecting recurring issues in input validation and access control. Notable security characteristics include insufficient sanitization of user-supplied data and inadequate permission checks, which have allowed attackers to execute unauthorized actions or compromise affected sites. While no major public incidents have been widely documented, the pattern of vulnerabilities suggests ongoing challenges in secure coding practices, potentially exposing users to significant risks if plugins are not promptly updated.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-39662 | WordPress Product Price by Formula for WooCommerce plugin <= 2.5.6 - Broken Access Control vulnerability — Product Price by Formula for WooCommerceCWE-862 | 5.3 | Medium | 2026-04-08 |
This page lists every published CVE security advisory associated with ProWCPlugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.