Browse all 3 CVE security advisories affecting WBW. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WBW operates as a web application framework primarily used for building dynamic websites and web services. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and insecure default configurations. The framework's modular architecture has introduced additional attack surfaces through third-party plugins. While no major public security incidents have been widely documented, the three assigned CVEs highlight ongoing security concerns, particularly around authentication bypass flaws and insecure data handling. Organizations implementing WBW should prioritize regular updates and security hardening due to its history of common web vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-39496 | WordPress WooBeWoo Product Filter Pro plugin < 2.9.6 - SQL Injection vulnerability — WooBeWoo Product Filter ProCWE-89 | 9.3 | Critical | 2025-08-28 |
| CVE-2024-43918 | WordPress WBW Product Table PRO plugin <= 1.9.4 - Unauthenticated Arbitrary SQL Query Execution vulnerability — WBW Product Table PROCWE-89 | 10.0 | Critical | 2024-08-29 |
| CVE-2023-51512 | WordPress Product Table by WBW plugin <= 1.8.6 - Cross Site Request Forgery (CSRF) vulnerability — Product Table by WBW | 4.3 | Medium | 2024-03-16 |
This page lists every published CVE security advisory associated with WBW. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.