Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Saleswonder Team: Tobias — Vulnerabilities & Security Advisories 17

Browse all 17 CVE security advisories affecting Saleswonder Team: Tobias. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Saleswonder Team: Tobias develops e-commerce platforms with a focus on conversion optimization. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, accounting for the majority of their 17 CVEs. While no major public security incidents have been documented, their vulnerability pattern suggests consistent issues in input validation and access control. The team's core use case centers on creating sales funnels and checkout systems, which have repeatedly exposed customers to potential exploitation through insecure direct object references and insufficient session management. Their CVE history indicates a need for stronger security-by-design principles in their development lifecycle.

Top products by Saleswonder Team: Tobias: WP2LEADS 5 Stars Rating Funnel CF7 WOW Styler Builder for WooCommerce reviews shortcodes – ReviewShort WebinarIgnition Get Better Reviews for WooCommerce
CVE IDTitleCVSSSeverityPublished
CVE-2025-60088 WordPress WebinarIgnition plugin <= 4.06.04 - Broken Access Control vulnerability — WebinarIgnitionCWE-862 6.5 Medium2025-12-18
CVE-2025-54028 WordPress CF7 WOW Styler Plugin <= 1.7.2 - Local File Inclusion Vulnerability — CF7 WOW StylerCWE-98 7.5 High2025-08-20
CVE-2025-49316 WordPress WP2LEADS plugin <= 3.5.0 - Reflected Cross Site Scripting (XSS) vulnerability — WP2LEADSCWE-79 7.1 High2025-06-17
CVE-2025-32922 WordPress WP2LEADS plugin <= 3.5.0 - Cross Site Request Forgery (CSRF) vulnerability — WP2LEADSCWE-352 7.1 High2025-05-15
CVE-2025-30827 WordPress WP2LEADS plugin <= 3.4.5 - Reflected Cross Site Scripting (XSS) vulnerability — WP2LEADSCWE-79 7.1 High2025-04-01
CVE-2025-24565 WordPress WP2LEADS plugin <= 3.3.3 - Reflected Cross Site Scripting (XSS) vulnerability — WP2LEADSCWE-79 7.1 High2025-02-14
CVE-2024-56065 WordPress WP2LEADS Plugin <= 3.4.2 - Reflected Cross Site Scripting (XSS) vulnerability — WP2LEADSCWE-79 7.1 High2025-01-13
CVE-2024-51689 WordPress CF7 WOW Styler plugin <= 1.6.8 - Reflected Cross Site Scripting (XSS) vulnerability — CF7 WOW StylerCWE-80 7.1 High2024-11-09
CVE-2024-51579 WordPress 5 Stars Rating Funnel plugin <=1.4.01 - SQL Injection vulnerability — 5 Stars Rating FunnelCWE-89 8.5 High2024-11-09
CVE-2024-37544 WordPress Get Better Reviews for WooCommerce plugin <= 4.0.6 - Broken Access Control vulnerability — Get Better Reviews for WooCommerceCWE-862 4.3 Medium2024-07-12
CVE-2024-34763 WordPress Builder for WooCommerce reviews shortcodes – ReviewShort plugin <= 1.01.5 - Broken Access Control vulnerability — Builder for WooCommerce reviews shortcodes – ReviewShortCWE-862 5.3 Medium2024-06-11
CVE-2024-34826 WordPress CF7 WOW Styler plugin <= 1.6.4 - Broken Access Control vulnerability — CF7 WOW StylerCWE-862 6.3 Medium2024-06-11
CVE-2024-32725 WordPress 5 Stars Rating Funnel plugin 1.2.67 - Broken Access Control vulnerability — 5 Stars Rating FunnelCWE-862 5.3 Medium2024-06-09
CVE-2024-32445 WordPress WebinarIgnition plugin <= 3.05.8 - Cross Site Request Forgery (CSRF) vulnerability — WebinarIgnitionCWE-352 5.4 Medium2024-04-15
CVE-2024-31358 WordPress 5 Stars Rating Funnel plugin <= 1.2.67 - Arbitrary Content Deletion vulnerability — 5 Stars Rating FunnelCWE-862 7.5 High2024-04-10
CVE-2024-31375 WordPress WP2LEADS plugin <= 3.2.7 - Broken Access Control vulnerability — WP2LEADSCWE-862 5.4 Medium2024-04-08
CVE-2024-29093 WordPress Builder for WooCommerce reviews shortcodes – ReviewShort plugin <= 1.01.3 - Cross Site Request Forgery (CSRF) vulnerability — Builder for WooCommerce reviews shortcodes – ReviewShortCWE-352 4.3 Medium2024-03-19

This page lists every published CVE security advisory associated with Saleswonder Team: Tobias. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.