RealMag777 — Vulnerabilities & Security Advisories (109)

Browse all 109 CVE security advisories affecting RealMag777. AI-powered Chinese analysis, POCs, and references for each vulnerability.

realmag777 is a software vendor primarily known for developing and distributing e-commerce solutions and digital marketplace platforms. Historical security audits reveal a pattern of critical vulnerabilities, with 109 CVEs currently on record. The most prevalent flaw classes include Remote Code Execution (RCE) and Cross-Site Scripting (XSS), often stemming from insufficient input validation and improper sanitization of user-supplied data. Additionally, the software has frequently exhibited insecure direct object references and privilege escalation issues, allowing unauthorized users to access sensitive administrative functions or modify system configurations. These defects typically arise from legacy codebases that lack modern security controls and regular patching cycles. Major incidents have involved data breaches exposing customer personal information and payment details due to unpatched SQL injection flaws. The high volume of disclosed vulnerabilities suggests a reactive rather than proactive security posture, requiring immediate attention to code review processes and dependency management to mitigate ongoing risks for enterprise clients relying on this infrastructure.

| CVE ID | Title | Affected product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2023-4924 | BEAR <= 1.1.3.3 - Missing Authorization to Product Deletion | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | CWE-352 | 5.4 | Medium | 2023-10-20 |
| CVE-2023-4923 | BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Deletion | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | CWE-352 | 5.4 | Medium | 2023-10-20 |
| CVE-2023-4935 | BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Profile Creation | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | CWE-352 | 4.3 | Medium | 2023-10-20 |
| CVE-2023-4920 | BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | CWE-352 | 4.3 | Medium | 2023-10-20 |
| CVE-2023-4937 | BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | CWE-352 | 4.3 | Medium | 2023-10-20 |
| CVE-2023-4940 | BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | CWE-352 | 4.3 | Medium | 2023-10-20 |
| CVE-2023-4943 | BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | CWE-862 | 4.3 | Medium | 2023-10-20 |
| CVE-2023-4942 | BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | CWE-352 | 4.3 | Medium | 2023-10-20 |
| CVE-2023-4938 | BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | CWE-862 | 4.3 | Medium | 2023-10-18 |
| CVE-2023-44990 | WordPress WOLF Plugin <= 1.0.7.1 is vulnerable to Cross Site Scripting (XSS) | WOLF – WordPress Posts Bulk Editor and Manager Professional | CWE-79 | 5.9 | Medium | 2023-10-17 |
| CVE-2023-31218 | WordPress WOLF Plugin <= 1.0.6 is vulnerable to CSRF leading to Stored Cross Site Scripting (XSS) vulnerability | WOLF – WordPress Posts Bulk Editor and Manager Professional | CWE-352 | 7.1 | High | 2023-08-18 |
| CVE-2023-34028 | WordPress WOLF Plugin <= 1.0.7 is vulnerable to Cross Site Request Forgery (CSRF) | WOLF – WordPress Posts Bulk Editor and Manager Professional | CWE-352 | 4.3 | Medium | 2023-06-22 |
| CVE-2023-2555 | WPCS – WordPress Currency Switcher Professional <= 1.1.9 - Missing Authorization to Custom Drop-Down Currency Switcher Creation | WPCS – WordPress Currency Switcher Professional | CWE-862 | 4.3 | Medium | 2023-06-09 |
| CVE-2023-2557 | WPCS – WordPress Currency Switcher Professional <= 1.1.9 - Missing Authorization to Arbitrary Custom Drop-Down Currency Switcher Editing | WPCS – WordPress Currency Switcher Professional | CWE-862 | 4.3 | Medium | 2023-06-09 |
| CVE-2023-2558 | WPCS – WordPress Currency Switcher Professional <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | WPCS – WordPress Currency Switcher Professional | CWE-79 | 6.4 | Medium | 2023-06-09 |
| CVE-2023-2556 | WPCS – WordPress Currency Switcher Professional <= 1.1.9 - Missing Authorization to Arbitrary Custom Drop-Down Currency Switcher Deletion | WPCS – WordPress Currency Switcher Professional | CWE-862 | 4.3 | Medium | 2023-06-09 |
| CVE-2023-33314 | WordPress BEAR Plugin <= 1.1.3.1 is vulnerable to Cross Site Request Forgery (CSRF) | BEAR | CWE-352 | 5.4 | Medium | 2023-05-28 |
| CVE-2021-20781 | WordPress Cross-Site Request Forgery Vulnerability | WordPress Meta Data Filter & Taxonomies Filter | | 8.8 | - | 2021-07-14 |
| CVE-2021-20780 | WordPress Cross-Site Request Forgery Vulnerability | WPCS - WordPress Currency Switcher | | 8.8 | - | 2021-07-07 |

This page lists every published CVE security advisory associated with RealMag777. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.