Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Tyche softwares — Vulnerabilities & Security Advisories 16

Browse all 16 CVE security advisories affecting Tyche softwares. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tyche Softwares develops enterprise resource planning (ERP) and customer relationship management (CRM) solutions for mid-sized businesses. Historically, their products have been susceptible to remote code execution (RCE), cross-site scripting (XSS), and privilege escalation vulnerabilities, often stemming from insufficient input validation and access control flaws. The company has addressed multiple critical security issues, with 16 CVEs documented to date, including several high-severity flaws that could allow unauthorized system access or data compromise. While no major public security incidents have been widely reported, their vulnerability history suggests a pattern of security weaknesses in web application components and authentication mechanisms that require ongoing remediation efforts.

Top products by Tyche softwares: Arconix Shortcodes Order Delivery Date for WooCommerce Print Invoice & Delivery Notes for WooCommerce Product Delivery Date for WooCommerce – Lite Custom Order Numbers for WooCommerce Abandoned Cart Lite for WooCommerce Product Input Fields for WooCommerce Currency per Product for WooCommerce Payment Gateway Based Fees and Discounts for WooCommerce Arconix FAQ Booking & Appointment Plugin for WooCommerce Abandoned Cart Pro for WooCommerce
CVE IDTitleCVSSSeverityPublished
CVE-2023-52210 WordPress Product Delivery Date for WooCommerce – Lite plugin <= 2.7.0 - Broken Access Control vulnerability — Product Delivery Date for WooCommerce – Lite 5.3 Medium2025-12-23
CVE-2025-4387 Abandoned Cart Pro for WooCommerce <= 9.16.0 - Authenticated (Subscriber+) Arbitrary File Upload — Abandoned Cart Pro for WooCommerceCWE-434 8.8 High2025-06-10
CVE-2022-46795 WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 4.7.2 - CSRF Plugin Settings Reset vulnerability — Print Invoice & Delivery Notes for WooCommerceCWE-862 6.5 Medium2024-12-13
CVE-2024-10729 Booking & Appointment Plugin for WooCommerce <= 6.9.0 - Authenticated (Subscriber+) Arbitrary Option Update — Booking & Appointment Plugin for WooCommerceCWE-285 8.8 High2024-11-26
CVE-2024-38702 WordPress Product Delivery Date for WooCommerce – Lite plugin <= 2.7.2 - Broken Access Control vulnerability — Product Delivery Date for WooCommerce – LiteCWE-862 5.3 Medium2024-11-01
CVE-2024-38769 WordPress Arconix Shortcodes plugin <= 2.1.11 - Broken Access Control vulnerability — Arconix ShortcodesCWE-862 5.3 Medium2024-11-01
CVE-2024-38783 WordPress Arconix FAQ plugin <= 1.9.4 - Broken Access Control vulnerability — Arconix FAQCWE-862 5.3 Medium2024-11-01
CVE-2024-4233 Broken Access Control vulnerability in multiple WordPress plugins by Tyche Softwares — Print Invoice & Delivery Notes for WooCommerceCWE-862 4.3 Medium2024-05-08
CVE-2024-33585 WordPress Payment Gateway Based Fees and Discounts for WooCommerce plugin <= 2.12.1 - Broken Access Control vulnerability — Payment Gateway Based Fees and Discounts for WooCommerceCWE-862 4.3 Medium2024-04-29
CVE-2024-31431 WordPress Product Input Fields for WooCommerce plugin <= 1.7.0 - Cross Site Request Forgery (CSRF) vulnerability — Product Input Fields for WooCommerceCWE-352 4.3 Medium2024-04-15
CVE-2024-31920 WordPress Currency per Product for WooCommerce plugin <= 1.6.0 - Cross Site Request Forgery (CSRF) vulnerability — Currency per Product for WooCommerceCWE-352 4.3 Medium2024-04-15
CVE-2024-32434 WordPress Order Delivery Date for WooCommerce plugin <= 3.20.2 - Cross Site Request Forgery (CSRF) vulnerability — Order Delivery Date for WooCommerceCWE-352 4.3 Medium2024-04-15
CVE-2023-44986 WordPress Abandoned Cart Lite for WooCommerce Plugin <= 5.15.2 is vulnerable to Cross Site Scripting (XSS) — Abandoned Cart Lite for WooCommerceCWE-79 5.9 Medium2023-10-16
CVE-2023-41874 WordPress Order Delivery Date for WooCommerce Plugin <= 3.20.0 is vulnerable to Cross Site Scripting (XSS) — Order Delivery Date for WooCommerceCWE-79 7.1 High2023-09-25
CVE-2022-45367 WordPress Custom Order Numbers for WooCommerce Plugin <= 1.4.0 is vulnerable to Cross Site Request Forgery (CSRF) — Custom Order Numbers for WooCommerceCWE-352 4.3 Medium2023-05-25
CVE-2023-23703 WordPress Arconix Shortcodes Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS) — Arconix ShortcodesCWE-79 6.5 Medium2023-05-16

This page lists every published CVE security advisory associated with Tyche softwares. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.