Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

RedNao — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting RedNao. AI-powered Chinese analysis, POCs, and references for each vulnerability.

RedNao operates as a web application platform primarily serving e-commerce and content management needs. Historically, the software has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its 12 recorded CVEs. Notable security characteristics include insufficient input validation and inadequate access controls in several versions. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests a need for rigorous patch management. The platform's widespread adoption in business-critical environments makes it a persistent target for exploitation, requiring organizations to maintain current security updates and implement compensating controls.

Top products by RedNao: Donations Made Easy – Smart Donations Smart Forms WooCommerce PDF Invoice Builder, Create invoices, packing slips and more WooCommerce PDF Invoice Builder PDF Builder for WPForms Extra Product Options Builder for WooCommerce
CVE IDTitleCVSSSeverityPublished
CVE-2023-38475 WordPress Donations Made Easy – Smart Donations plugin <= 4.0.12 - Broken Access Control vulnerability — Donations Made Easy – Smart DonationsCWE-862 4.3 Medium2024-12-13
CVE-2024-33593 WordPress Smart Forms plugin <= 2.6.91 - Broken Access Control vulnerability — Smart FormsCWE-862 4.3 Medium2024-04-29
CVE-2024-31940 WordPress Extra Product Options Builder for WooCommerce plugin <= 1.2.104 - Cross Site Request Forgery (CSRF) vulnerability — Extra Product Options Builder for WooCommerceCWE-352 4.3 Medium2024-04-15
CVE-2024-29820 WordPress PDF Builder for WPForms plugin <= 1.2.88 - Cross Site Scripting (XSS) vulnerability — PDF Builder for WPFormsCWE-79 6.5 Medium2024-03-27
CVE-2023-51486 WordPress WooCommerce PDF Invoice Builder, Create invoices, packing slips and more plugin <= 1.2.101 - Cross Site Request Forgery (CSRF) vulnerability — WooCommerce PDF Invoice BuilderCWE-352 5.4 Medium2024-03-16
CVE-2023-47551 WordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to Cross Site Request Forgery (CSRF) — Donations Made Easy – Smart DonationsCWE-352 5.4 Medium2023-11-18
CVE-2023-47550 WordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to Cross Site Scripting (XSS) — Donations Made Easy – Smart DonationsCWE-352 7.1 High2023-11-14
CVE-2023-40207 WordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to SQL Injection — Donations Made Easy – Smart DonationsCWE-89 7.6 High2023-11-06
CVE-2023-46076 WordPress WooCommerce PDF Invoice Builder Plugin <= 1.2.102 is vulnerable to Cross Site Scripting (XSS) — WooCommerce PDF Invoice Builder, Create invoices, packing slips and moreCWE-79 7.1 High2023-10-26
CVE-2023-40664 WordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to Cross Site Scripting (XSS) — Donations Made Easy – Smart DonationsCWE-79 7.1 High2023-09-27
CVE-2023-32603 WordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to Cross Site Scripting (XSS) — Donations Made Easy – Smart DonationsCWE-79 7.1 High2023-08-25
CVE-2019-5924 WordPress Smart Forms 跨站请求伪造漏洞 — Smart Forms 8.8 -2019-03-12

This page lists every published CVE security advisory associated with RedNao. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.