Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WPExpertsio — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting WPExpertsio. AI-powered Chinese analysis, POCs, and references for each vulnerability.

wpexpertsio provides WordPress security services and plugin development, focusing on protecting WordPress websites from common vulnerabilities. Historically, their products have been associated with multiple security issues, including six CVEs primarily involving stored cross-site scripting (XSS) and remote code execution (RCE) vulnerabilities. These weaknesses often stemmed from insufficient input validation and improper sanitization of user-supplied data. While no major public security incidents have been documented, the consistent pattern of vulnerabilities in their codebase suggests a need for improved security practices during development and regular code audits to prevent exploitation.

Top products by WPExpertsio: Email Templates Customizer and Designer for WordPress and WooCommerce Rocket Maintenance Mode & Coming Soon Page New User Approve WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management APIExperts Square for WooCommerce WP Multistore Locator — WP Store Locator Plugin: Effortless Integration With Snazzy Maps
CVE IDTitleCVSSSeverityPublished
CVE-2024-12475 WP Multi Store Locator <= 2.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — WP Multistore Locator — WP Store Locator Plugin: Effortless Integration With Snazzy MapsCWE-79 6.4 Medium2025-01-04
CVE-2022-47182 WordPress APIExperts Square for WooCommerce plugin <= 4.4.1 - Broken Access Control — APIExperts Square for WooCommerceCWE-862 5.3 Medium2024-12-13
CVE-2024-27959 WordPress APIExperts Square for WooCommerce plugin <= 4.2.9 - Cross Site Scripting (XSS) vulnerability — WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop ManagementCWE-79 7.1 High2024-03-17
CVE-2023-50902 WordPress New User Approve Plugin <= 2.5.1 is vulnerable to Cross Site Request Forgery (CSRF) — New User ApproveCWE-352 4.3 Medium2023-12-29
CVE-2023-49842 WordPress Rocket Maintenance Mode & Coming Soon Page Plugin <= 4.3 is vulnerable to Cross Site Scripting (XSS) — Rocket Maintenance Mode & Coming Soon PageCWE-79 5.9 Medium2023-12-14
CVE-2022-47181 WordPress Email Templates Plugin <= 1.4.2 is vulnerable to Cross Site Request Forgery (CSRF) — Email Templates Customizer and Designer for WordPress and WooCommerceCWE-352 4.3 Medium2023-11-07

This page lists every published CVE security advisory associated with WPExpertsio. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.