Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Vanquish — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting Vanquish. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Vanquish is a cybersecurity firm specializing in endpoint protection and threat detection solutions for enterprise environments. Its software suite aims to identify and neutralize malware, ransomware, and advanced persistent threats across networked systems. Historically, vulnerabilities associated with the platform have frequently involved remote code execution and cross-site scripting, allowing attackers to bypass security controls or inject malicious scripts. Privilege escalation flaws have also been documented, potentially enabling unauthorized administrative access. While specific major public incidents remain limited in public records, the presence of twenty-one recorded Common Vulnerabilities and Exposures highlights ongoing challenges in securing its architecture. These issues underscore the critical importance of rigorous patch management and continuous security auditing for organizations relying on Vanquish’s endpoint defense mechanisms to maintain robust operational integrity against evolving cyber threats.

Top products by Vanquish: WooCommerce Support Ticket System WordPress User Extra Fields User Extra Fields WooCommerce Orders & Customers Exporter Upload Files Anywhere WooCommerce Customers Manager WooCommerce Bulk Product Editor WooCommerce Order Details
CVE IDTitleCVSSSeverityPublished
CVE-2026-32522 WordPress WooCommerce Support Ticket System plugin < 18.5 - Arbitrary File Deletion vulnerability — WooCommerce Support Ticket SystemCWE-22 8.6 High2026-03-25
CVE-2026-27374 WordPress WooCommerce Order Details plugin <= 3.1 - Broken Access Control vulnerability — WooCommerce Order DetailsCWE-862 7.5 High2026-03-05
CVE-2025-69381 WordPress WooCommerce Bulk Product Editor plugin <= 3.0 - Broken Access Control vulnerability — WooCommerce Bulk Product EditorCWE-862 7.1 High2026-02-20
CVE-2025-69379 WordPress Upload Files Anywhere plugin <= 2.8 - Arbitrary File Deletion vulnerability — Upload Files AnywhereCWE-22 8.6 High2026-02-20
CVE-2025-69377 WordPress User Extra Fields plugin <= 17.0 - Arbitrary File Deletion vulnerability — User Extra FieldsCWE-22 7.7 High2026-02-20
CVE-2025-69380 WordPress Upload Files Anywhere plugin <= 2.8 - Arbitrary File Download vulnerability — Upload Files AnywhereCWE-22 7.5 High2026-02-20
CVE-2025-69376 WordPress User Extra Fields plugin <= 17.0 - Arbitrary File Deletion vulnerability — User Extra FieldsCWE-22 8.6 High2026-02-20
CVE-2025-67991 WordPress User Extra Fields plugin <= 16.8 - Cross Site Scripting (XSS) vulnerability — User Extra FieldsCWE-79 7.1 High2026-02-20
CVE-2025-22713 WordPress WooCommerce Orders & Customers Exporter plugin <= 5.4 - SQL Injection vulnerability — WooCommerce Orders & Customers ExporterCWE-89 8.5 High2026-01-08
CVE-2025-67579 WordPress User Extra Fields plugin <= 16.8 - Broken Access Control vulnerability — User Extra FieldsCWE-862 5.3 Medium2025-12-09
CVE-2025-7846 WordPress User Extra Fields <= 16.7 - Authenticated (Subscriber+) Arbitrary File Deletion via save_fields Function — WordPress User Extra FieldsCWE-36 8.8 High2025-10-31
CVE-2025-53424 WordPress WooCommerce Orders & Customers Exporter plugin <= 5.4 - Broken Access Control vulnerability — WooCommerce Orders & Customers ExporterCWE-862 6.5 Medium2025-10-22
CVE-2025-48331 WordPress WooCommerce Orders & Customers Exporter <= 5.0 - Sensitive Data Exposure Vulnerability — WooCommerce Orders & Customers ExporterCWE-201 7.5 High2025-05-30
CVE-2024-13775 WooCommerce Support Ticket System <= 17.8 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Information Exposure — WooCommerce Support Ticket SystemCWE-862 5.4 Medium2025-02-01
CVE-2024-13343 WooCommerce Customers Manager <= 31.3 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation — WooCommerce Customers ManagerCWE-269 8.8 High2025-02-01
CVE-2024-11150 WordPress User Extra Fields <= 16.6 - Unauthenticated Arbitrary File Deletion — WordPress User Extra FieldsCWE-22 9.8 Critical2024-11-13
CVE-2024-10800 WordPress User Extra Fields <= 16.6 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation — WordPress User Extra FieldsCWE-862 8.8 High2024-11-13
CVE-2024-10801 WordPress User Extra Fields <= 16.5 - Unauthenticated Arbitrary File Upload — WordPress User Extra FieldsCWE-434 9.8 Critical2024-11-09
CVE-2024-10627 WooCommerce Support Ticket System <= 17.7 - Unauthenticated Arbitrary File Upload — WooCommerce Support Ticket SystemCWE-434 9.8 Critical2024-11-09
CVE-2024-10625 WooCommerce Support Ticket System <= 17.7 - Unauthenticated Arbitrary File Deletion — WooCommerce Support Ticket SystemCWE-22 9.8 Critical2024-11-09
CVE-2024-10626 WooCommerce Support Ticket System <= 17.7 - Authenticated (Subscriber+) Arbitrary File Deletion — WooCommerce Support Ticket SystemCWE-22 8.8 High2024-11-09

This page lists every published CVE security advisory associated with Vanquish. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.