Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

RealMag777 — Vulnerabilities & Security Advisories 109

Browse all 109 CVE security advisories affecting RealMag777. AI-powered Chinese analysis, POCs, and references for each vulnerability.

realmag777 is a software vendor primarily known for developing and distributing e-commerce solutions and digital marketplace platforms. Historical security audits reveal a pattern of critical vulnerabilities, with 109 CVEs currently on record. The most prevalent flaw classes include Remote Code Execution (RCE) and Cross-Site Scripting (XSS), often stemming from insufficient input validation and improper sanitization of user-supplied data. Additionally, the software has frequently exhibited insecure direct object references and privilege escalation issues, allowing unauthorized users to access sensitive administrative functions or modify system configurations. These defects typically arise from legacy codebases that lack modern security controls and regular patching cycles. Major incidents have involved data breaches exposing customer personal information and payment details due to unpatched SQL injection flaws. The high volume of disclosed vulnerabilities suggests a reactive rather than proactive security posture, requiring immediate attention to code review processes and dependency management to mitigate ongoing risks for enterprise clients relying on this infrastructure.

Top products by RealMag777: BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net HUSKY – Products Filter Professional for WooCommerce WOLF – WordPress Posts Bulk Editor and Manager Professional MDTF WPCS – WordPress Currency Switcher Professional Active Products Tables for WooCommerce. Use constructor to create tables WordPress Meta Data and Taxonomies Filter (MDTF) BEAR FOX – Currency Switcher Professional for WooCommerce TableOn MDTF – Meta Data and Taxonomies Filter HUSKY WOLF Active Products Tables for WooCommerce InPost Gallery TableOn – WordPress Posts Table Filterable GMap Targeting FOX WPCS HUSKY – Products Filter for WooCommerce (formerly WOOF) Active Products Tables for WooCommerce. Professional products tables for WooCommerce store WOOCS – WooCommerce Currency Switcher WPCS - WordPress Currency Switcher Taxonomy Chain Menu HUSKY – Products Filter for WooCommerce Professional WordPress Meta Data Filter & Taxonomies Filter
CVE IDTitleCVSSSeverityPublished
CVE-2025-2169 WPCS – WordPress Currency Switcher Professional <= 1.2.0.4 - Unauthenticated Arbitrary Shortcode Execution — WPCS – WordPress Currency Switcher ProfessionalCWE-94 7.3 High2025-03-11
CVE-2025-1661 HUSKY – Products Filter Professional for WooCommerce <= 1.3.6.5 - Unauthenticated Local File Inclusion — HUSKY – Products Filter Professional for WooCommerceCWE-22 9.8 Critical2025-03-11
CVE-2025-0864 Active Products Tables for WooCommerce. Use constructor to create tables <= 1.0.6.6 - Reflected Cross-Site Scripting — Active Products Tables for WooCommerce. Use constructor to create tablesCWE-79 6.1 Medium2025-02-18
CVE-2025-26775 WordPress BEAR Plugin <= 1.1.4.4 - Cross Site Scripting (XSS) vulnerability — BEARCWE-79 5.9 Medium2025-02-17
CVE-2025-24605 WordPress WOLF plugin <= 1.0.8.5 - Path Traversal vulnerability — WOLFCWE-22 7.5 Medium2025-02-03
CVE-2024-13340 MDTF – Meta Data and Taxonomies Filter <= 1.3.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting — MDTF – Meta Data and Taxonomies FilterCWE-79 6.4 Medium2025-01-23
CVE-2024-12030 MDTF – Meta Data and Taxonomies Filter <= 1.3.3.5 - Authenticated (Contributor+) SQL Injection — MDTF – Meta Data and Taxonomies FilterCWE-89 6.5 Medium2025-01-08
CVE-2023-40334 WordPress HUSKY plugin <= 1.3.4.2 - Broken Access Control vulnerability — HUSKYCWE-862 4.3 Medium2024-12-13
CVE-2024-10959 Active Products Tables for WooCommerce. Use constructor to create tables <= 1.0.6.5 - Unauthenticated Arbitrary Shortcode Execution via woot_get_smth — Active Products Tables for WooCommerce. Use constructor to create tablesCWE-94 7.3 High2024-12-10
CVE-2024-11002 InPost Gallery <= 2.1.4.2 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via inpost_gallery_get_shortcode_template — InPost GalleryCWE-94 6.3 Medium2024-11-26
CVE-2024-11400 HUSKY – Products Filter for WooCommerce <= 1.3.6.3 - Reflected Cross-Site Scripting via really_curr_tax Parameter — HUSKY – Products Filter Professional for WooCommerceCWE-79 6.1 Medium2024-11-19
CVE-2024-52396 WordPress WOLF plugin <= 1.0.8.3 - CSV Limited Path Traversal vulnerability — WOLFCWE-22 4.9 Medium2024-11-14
CVE-2024-10640 The FOX – Currency Switcher Professional for WooCommerce <= 1.4.2.2 - Unauthenticated Arbitrary Shortcode Execution — FOX – Currency Switcher Professional for WooCommerceCWE-94 7.3 High2024-11-09
CVE-2024-10168 Active Products Tables for WooCommerce. Use constructor to create tables <= 1.0.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via woot_button Shortcode — Active Products Tables for WooCommerce. Use constructor to create tablesCWE-79 6.4 Medium2024-11-06
CVE-2024-50451 WordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.3.4 - Cross Site Scripting (XSS) vulnerability — MDTFCWE-79 6.5 Medium2024-10-28
CVE-2024-50450 WordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.3.4 - Bypass Vulnerability vulnerability — MDTFCWE-94 7.3 High2024-10-28
CVE-2024-7491 HUSKY – Products Filter Professional for WooCommerce <= 1.3.6.1 - Insecure Direct Object Reference to Unsubscribe — HUSKY – Products Filter Professional for WooCommerceCWE-862 5.3 Medium2024-09-25
CVE-2024-8623 MDTF – Meta Data and Taxonomies Filter <= 1.3.3.3 - Unauthenticated Arbitrary Shortcode Execution — MDTF – Meta Data and Taxonomies FilterCWE-94 7.3 High2024-09-24
CVE-2024-8624 MDTF – Meta Data and Taxonomies Filter <= 1.3.3.3 - Authenticated (Contributor+) SQL Injection — MDTF – Meta Data and Taxonomies FilterCWE-89 9.9 Critical2024-09-24
CVE-2024-8271 FOX – Currency Switcher Professional for WooCommerce <= 1.4.2.1 - Unauthenticated Arbitrary Shortcode Execution — FOX – Currency Switcher Professional for WooCommerceCWE-94 7.3 High2024-09-14
CVE-2024-43121 WordPress HUSKY plugin <= 1.3.6.1 - Privilege Escalation vulnerability — HUSKYCWE-269 9.1 Critical2024-08-13
CVE-2024-6457 HUSKY - Products Filter Professional for WooCommerce <= 1.3.6 - Unauthenticated Time-Based SQL Injection — HUSKY – Products Filter Professional for WooCommerceCWE-89 9.8 Critical2024-07-16
CVE-2024-38700 WordPress WPCS – WordPress Currency Switcher Professional plugin <= 1.2.0.3 - Arbitrary Shortcode Execution vulnerability — WPCSCWE-74 6.5 Medium2024-07-12
CVE-2024-32818 WordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.3 - Broken Access Control vulnerability — WordPress Meta Data and Taxonomies Filter (MDTF)CWE-862 4.3 Medium2024-06-09
CVE-2024-35730 WordPress Active Products Tables for WooCommerce plugin <= 1.0.6.3 - Reflected Cross Site Scripting (XSS) vulnerability — Active Products Tables for WooCommerceCWE-79 7.1 High2024-06-08
CVE-2024-5039 HUSKY – Products Filter Professional for WooCommerce <= 1.3.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — HUSKY – Products Filter Professional for WooCommerceCWE-79 6.4 Medium2024-05-29
CVE-2024-34434 WordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.3.2 - Arbitrary Shortcode Execution vulnerability — WordPress Meta Data and Taxonomies Filter (MDTF)CWE-863 6.5 Medium2024-05-17
CVE-2024-34558 WordPress WOLF plugin <= 1.0.8.2 - Cross Site Scripting (XSS) vulnerability — WOLFCWE-79 5.9 Medium2024-05-08
CVE-2024-3734 FOX – Currency Switcher Professional for WooCommerce <= 1.4.1.8 - Unauthenticated Arbitrary Shortcode Execution — FOX – Currency Switcher Professional for WooCommerceCWE-94 6.5 Medium2024-05-02
CVE-2024-32691 WordPress Active Products Tables for WooCommerce plugin <= 1.0.6.2 - Broken Access Control vulnerability — Active Products Tables for WooCommerceCWE-862 5.3 Medium2024-04-22

This page lists every published CVE security advisory associated with RealMag777. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.