Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

StoreApps — Vulnerabilities & Security Advisories 9

Browse all 9 CVE security advisories affecting StoreApps. AI-powered Chinese analysis, POCs, and references for each vulnerability.

StoreApps is a mobile application development platform enabling businesses to create and manage custom e-commerce and retail applications. Historically, the platform has been susceptible to multiple remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities, often stemming from insecure input validation and improper authentication mechanisms. Privilege escalation flaws have also been prevalent, allowing unauthorized access to administrative functions. With nine CVEs documented, StoreApps has faced scrutiny for recurring security weaknesses, though no major public incidents have been widely reported. The platform's vulnerabilities typically arise from its modular architecture and third-party integrations, requiring continuous security hardening to mitigate risks.

Top products by StoreApps: Affiliate For WooCommerce (WordPress plugin) Stock Manager for WooCommerce Smart Manager WooCommerce Stock Manager News Announcement Scroll (WordPress plugin) News Announcement Scroll
CVE IDTitleCVSSSeverityPublished
CVE-2026-24365 WordPress Stock Manager for WooCommerce plugin < 3.6.0 - Cross Site Request Forgery (CSRF) vulnerability — Stock Manager for WooCommerceCWE-352 5.4 Medium2026-01-22
CVE-2025-22710 WordPress Smart Manager Plugin <= 8.52.0 - SQL Injection vulnerability — Smart ManagerCWE-89 7.6 High2025-01-21
CVE-2024-49687 WordPress Smart Manager plugin <= 8.45.0 - Broken Access Control vulnerability — Smart ManagerCWE-862 4.3 Medium2024-12-31
CVE-2023-5663 News Announcement Scroll <= 9.0.0 - Authenticated (Contributor+) SQL Injection via Shortcode — News Announcement ScrollCWE-89 8.8 High2024-03-13
CVE-2023-35091 WordPress WooCommerce Stock Manager Plugin <= 2.10.0 is vulnerable to Cross Site Request Forgery (CSRF) — Stock Manager for WooCommerceCWE-352 4.3 Medium2023-07-11
CVE-2022-40694 WordPress News Announcement Scroll plugin <= 8.8.8 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — News Announcement Scroll (WordPress plugin)CWE-79 4.8 Medium2022-11-17
CVE-2022-36284 WordPress Affiliate For WooCommerce premium plugin <= 4.7.0 - Authenticated IDOR vulnerability leading to PayPal email change — Affiliate For WooCommerce (WordPress plugin) 6.4 Medium2022-08-05
CVE-2022-25649 WordPress Affiliate For WooCommerce premium plugin <= 4.7.0 - Multiple Improper Access Control vulnerabilities — Affiliate For WooCommerce (WordPress plugin)CWE-264 5.0 Medium2022-08-05
CVE-2021-34619 Cross-Site Request Forgery in WooCommerce Stock Manager WordPress Plugin — WooCommerce Stock ManagerCWE-352 8.8 High2021-07-21

This page lists every published CVE security advisory associated with StoreApps. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.