Browse all 3 CVE security advisories affecting WPExperts. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WPExperts specializes in WordPress security solutions, focusing on vulnerability detection and remediation for WordPress websites and plugins. Historically, their products have been associated with common vulnerability classes including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws. The organization maintains three CVEs on record, primarily related to input validation and access control issues in their security tools. While no major security incidents have been publicly documented, their CVE history suggests a pattern of insufficient input sanitization in certain plugin versions. WPExperts continues to provide security services while addressing past vulnerabilities through regular updates and security patches.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-31297 | WordPress Wholesale For WooCommerce plugin <= 2.3.1 - Unauthenticated Arbitrary Post/Page vulnerability — Wholesale For WooCommerceCWE-862 | 7.5 | High | 2024-04-10 |
| CVE-2024-30469 | WordPress Wholesale For WooCommerce plugin <= 2.3.0 - Unauthenticated Sensitive Data Exposure vulnerability — Wholesale For WooCommerceCWE-200 | 5.3 | Medium | 2024-03-29 |
| CVE-2023-32580 | WordPress Password Protected Plugin <= 2.6.2 is vulnerable to Cross Site Scripting (XSS) — Password ProtectedCWE-79 | 5.9 | Medium | 2023-06-23 |
This page lists every published CVE security advisory associated with WPExperts. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.