
QuadLayers — Vulnerabilities & Security Advisories (15)

Browse all 15 CVE security advisories affecting QuadLayers. AI-powered Chinese analysis, POCs, and references for each vulnerability.

QuadLayers develops WordPress security and optimization plugins, with their core use case being website protection and performance enhancement. Historically, their products have been susceptible to multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS), and privilege escalation flaws, accounting for their 15 recorded CVEs. Notable security characteristics include frequent authentication bypass issues and insufficient input validation in administrative functions. While no major public security incidents have been documented, the consistent pattern of vulnerabilities suggests ongoing challenges in secure coding practices, particularly in access control and data sanitization across their plugin ecosystem.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-13930 | Checkout Field Manager (Checkout Manager) for WooCommerce <= 7.8.5 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion | Checkout Field Manager (Checkout Manager) for WooCommerce | CWE-862 | 5.3 | Medium | 2026-02-19 |
| CVE-2025-12500 | Checkout Field Manager (Checkout Manager) for WooCommerce <= 7.8.1 - Unauthenticated Limited File Upload | Checkout Field Manager (Checkout Manager) for WooCommerce | CWE-434 | 5.3 | Medium | 2026-02-19 |
| CVE-2025-62116 | WordPress AI Copilot plugin <= 1.5.2 - Broken Access Control vulnerability | AI Copilot | CWE-862 | 5.3 | Medium | 2025-12-31 |
| CVE-2025-63016 | WordPress QuadLayers TikTok Feed plugin <= 4.6.5 - Broken Access Control vulnerability | QuadLayers TikTok Feed | CWE-862 | 5.3 | Medium | 2025-12-31 |
| CVE-2025-10646 | Search Exclude <= 2.5.7 – Missing Authorization to Authenticated (Contributor+) Search Settings Modification via REST API | Search Exclude | CWE-862 | 4.3 | Medium | 2025-11-25 |
| CVE-2025-10144 | Perfect Brands for WooCommerce <= 3.6.2 - Authenticated (Contributor+) SQL Injection | Perfect Brands for WooCommerce | CWE-89 | 6.5 | Medium | 2025-11-24 |
| CVE-2025-10637 | Social Feed Gallery <= 4.9.2 - Missing Authorization to Unauthenticated Information Exposure | Social Feed Gallery | CWE-862 | 5.3 | Medium | 2025-10-25 |
| CVE-2025-58686 | WordPress Perfect Brands for WooCommerce plugin <= 3.6.2 - SQL Injection vulnerability | Perfect Brands for WooCommerce | CWE-89 | 8.5 | High | 2025-09-22 |
| CVE-2025-2821 | Search Exclude <= 2.4.9 - Missing Authorization to Unauthenticated Plugin Settings Modification | Search Exclude | CWE-862 | 5.3 | Medium | 2025-05-07 |
| CVE-2025-2871 | WordPress Mega Menu – QuadMenu <= 3.2.0 - Cross-Site Request Forgery to Limited User Meta Update | QuadMenu – Mega Menu | CWE-352 | 4.3 | Medium | 2025-04-12 |
| CVE-2024-39640 | WordPress Social Feed Gallery plugin <= 4.3.9 - Broken Access Control vulnerability | WP Social Feed Gallery | CWE-862 | 6.5 | Medium | 2024-11-01 |
| CVE-2021-4443 | WordPress Mega Menu <= 2.0.6 - Arbitrary File Creation | QuadMenu – Mega Menu | CWE-434 | 9.8 | Critical | 2024-10-16 |
| CVE-2023-47681 | WordPress WooCommerce Checkout Manager plugin <= 7.3.0 - Broken Access Control vulnerability | WooCommerce Checkout Manager | CWE-862 | 6.5 | Medium | 2024-06-19 |
| CVE-2022-23982 | WordPress Perfect Brands for WooCommerce plugin <= 2.0.4 - Server Information Exposure vulnerability | Perfect Brands for WooCommerce (WordPress plugin) | CWE-200 | 4.3 | Medium | 2022-02-18 |
| CVE-2022-23981 | WordPress Perfect Brands for WooCommerce plugin <= 2.0.4 - Set Featured Brand vulnerability | Perfect Brands for WooCommerce (WordPress plugin) | CWE-284 | 4.3 | Medium | 2022-02-18 |

This page lists every published CVE security advisory associated with QuadLayers. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.