Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Soft8Soft LLC — Vulnerabilities & Security Advisories 7

Browse all 7 CVE security advisories affecting Soft8Soft LLC. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Soft8Soft LLC develops 3D modeling and visualization software, primarily serving the architecture and engineering industries with their 3D-Tool product line. Historically, their vulnerabilities have frequently included remote code execution flaws, cross-site scripting issues, and privilege escalation weaknesses, often stemming from improper input validation and insecure deserialization. The company has addressed multiple critical security flaws in their ActiveX controls and web interfaces, with seven CVEs documenting these issues. While no major public security incidents have been widely reported, their products' integration with web browsers and enterprise systems has made them targets for exploitation, necessitating regular security updates and careful deployment configurations.

Top products by Soft8Soft LLC: Verge3D Verge3D Publishing and E-Commerce
CVE IDTitleCVSSSeverityPublished
CVE-2025-49268 WordPress Verge3D plugin <= 4.9.4 - Broken Access Control Vulnerability — Verge3DCWE-862 5.3 Medium2025-06-06
CVE-2025-48241 WordPress Verge3D plugin <= 4.9.3 - Reflected Cross Site Scripting (XSS) vulnerability — Verge3DCWE-79 7.1 High2025-05-23
CVE-2025-39443 WordPress Verge3D plugin <= 4.9.0 - Cross Site Request Forgery (CSRF) vulnerability — Verge3DCWE-352 4.3 Medium2025-04-17
CVE-2025-30833 WordPress Verge3D Publishing and E-Commerce Plugin <= 4.8.2 - Cross Site Request Forgery (CSRF) vulnerability — Verge3DCWE-352 4.3 Medium2025-03-27
CVE-2025-22709 WordPress Verge3D Publishing and E-Commerce Plugin <= 4.8.0 - Reflected Cross Site Scripting (XSS) vulnerability — Verge3DCWE-79 7.1 High2025-01-21
CVE-2023-51421 WordPress Verge3D Plugin <= 4.5.2 is vulnerable to Arbitrary File Upload — Verge3D Publishing and E-CommerceCWE-434 9.9 Critical2023-12-29
CVE-2023-51420 WordPress Verge3D Plugin <= 4.5.2 is vulnerable to Remote Code Execution (RCE) — Verge3D Publishing and E-CommerceCWE-94 9.1 Critical2023-12-29

This page lists every published CVE security advisory associated with Soft8Soft LLC. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.