Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

TemplateInvaders — Vulnerabilities & Security Advisories 9

Browse all 9 CVE security advisories affecting TemplateInvaders. AI-powered Chinese analysis, POCs, and references for each vulnerability.

TemplateInvaders is a web application template library used for rapid development, primarily serving businesses needing pre-built UI components. Historically, it has been associated with multiple remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities, often stemming from improper input validation and insecure deserialization. The library has also featured privilege escalation flaws due to weak access controls. With nine CVEs recorded, TemplateInvaders has faced scrutiny for consistent security lapses, particularly in versions prior to 2.0. Its widespread adoption in enterprise environments has made it a target for exploitation, prompting security researchers to highlight its recurring pattern of critical vulnerabilities in default configurations.

Top products by TemplateInvaders: TI WooCommerce Wishlist TI WooCommerce Wishlist Pro
CVE IDTitleCVSSSeverityPublished
CVE-2025-67929 WordPress TI WooCommerce Wishlist plugin <= 2.10.0 - Broken Access Control vulnerability — TI WooCommerce WishlistCWE-862 5.3 Medium2025-12-16
CVE-2025-9207 TI WooCommerce Wishlist <= 2.10.0 - Unauthenticated HTML Injection — TI WooCommerce WishlistCWE-20 5.3 Medium2025-12-13
CVE-2025-58247 WordPress TI WooCommerce Wishlist plugin <= 2.10.0 - Broken Access Control vulnerability — TI WooCommerce WishlistCWE-862 5.3 Medium2025-09-22
CVE-2025-47577 WordPress TI WooCommerce Wishlist plugin <= 2.9.2 - Arbitrary File Upload Vulnerability — TI WooCommerce WishlistCWE-434 10.0 Critical2025-05-19
CVE-2025-32920 WordPress TI WooCommerce Wishlist plugin <= 2.10.0 - Cross Site Scripting (XSS) vulnerability — TI WooCommerce WishlistCWE-79 6.5 Medium2025-05-19
CVE-2024-10567 TI WooCommerce Wishlist <= 2.9.1 - Missing Authorization to Unauthenticated Plugin Setup Wizard Access — TI WooCommerce WishlistCWE-862 7.5 High2024-12-04
CVE-2024-43917 WordPress TI WooCommerce Wishlist plugin <= 2.8.2 - SQL Injection vulnerability — TI WooCommerce WishlistCWE-89 9.3 Critical2024-08-29
CVE-2020-36725 TI WooCommerce Wishlist <= 1.21.11 and TI WooCommerce Wishlist Pro <= 1.21.4 - Arbitrary Options Update — TI WooCommerce Wishlist ProCWE-862 8.8 High2023-06-07
CVE-2022-0412 TI WooCommerce Wishlist < 1.40.1 - Unauthenticated Blind SQL Injection — TI WooCommerce WishlistCWE-89 9.8 -2022-02-28

This page lists every published CVE security advisory associated with TemplateInvaders. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.