Browse all 6 CVE security advisories affecting Shop Beat. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Shop Beat is an e-commerce platform enabling online sales management for businesses. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with six CVEs documented. The platform's security posture has been challenged by insufficient input validation and access control flaws, potentially allowing attackers to execute arbitrary code or compromise administrative accounts. While no major public incidents have been widely reported, the consistent pattern of vulnerabilities in core components suggests ongoing security challenges that require robust patch management and secure coding practices to mitigate risks for merchants using the platform.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-36250 | Cross Site Request Forgery on Shop Beat Services — studioCWE-352 | 8.8 | - | 2023-05-30 |
| CVE-2022-36249 | Shop Beat Services Vulnerable To Bypass 2FA via APIs — studioCWE-288 | 8.8 | - | 2023-05-30 |
| CVE-2022-36247 | Shop Beat Services Vulnerable To IDOR — studio | 7.5 | - | 2023-05-30 |
| CVE-2022-36246 | Shop Beat Services Vulnerable To Insecure Permissions — studioCWE-264 | 8.1 | - | 2023-05-30 |
| CVE-2022-36244 | Multiple Stored Cross-Site Scripting Vulnerabilities on Shop Beat Services — studioCWE-79 | 5.4 | - | 2023-05-30 |
| CVE-2022-36243 | Directory Traversal on Shop Beat Services — studioCWE-548 | 5.3 | - | 2023-05-30 |
This page lists every published CVE security advisory associated with Shop Beat. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.