Browse all 5 CVE security advisories affecting WC Lovers. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WC Lovers is a web application that facilitates online community interaction for water closet enthusiasts. Historically, the application has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its five recorded CVEs. These vulnerabilities often stem from insufficient input validation and improper access controls. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests ongoing security challenges. The application's user-generated content functionality and administrative interfaces appear to be primary attack vectors, requiring robust input sanitization and secure authentication mechanisms to mitigate risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-63029 | WordPress WCFM Marketplace plugin <= 3.7.1 - SQL Injection vulnerability — WCFM MarketplaceCWE-89 | 7.6 | High | 2026-04-15 |
| CVE-2025-64631 | WordPress WCFM Marketplace plugin <= 3.7.1 - Broken Access Control vulnerability — WCFM MarketplaceCWE-862 | 4.9 | Medium | 2025-12-16 |
| CVE-2025-54004 | WordPress WCFM – Frontend Manager for WooCommerce plugin <= 6.7.24 - Broken Access Control vulnerability — WCFM – Frontend Manager for WooCommerceCWE-862 | 2.7 | Low | 2025-12-16 |
| CVE-2024-44009 | WordPress WCFM Marketplace <= 3.6.11 - Reflected Cross Site Scripting (XSS) vulnerability — WCFM MarketplaceCWE-79 | 7.1 | High | 2024-09-17 |
| CVE-2024-29929 | WordPress WCFM plugin <= 6.7.8 - Cross Site Scripting (XSS) vulnerability — WCFM – Frontend Manager for WooCommerceCWE-79 | 5.9 | Medium | 2024-03-27 |
This page lists every published CVE security advisory associated with WC Lovers. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.