目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

WPFactory 厂商漏洞列表 / CVE 中文分析 47

WPFactory 厂商相关 47 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

WPFactory 主要提供 WordPress 插件及主题开发服务。其产品历史上频繁出现远程代码执行、跨站脚本及越权访问等高危漏洞,累计已收录 47 条 CVE。这些缺陷多源于输入验证缺失或权限控制不严,导致攻击者可轻易获取服务器控制权或窃取用户数据。鉴于其代码复用特性,单一漏洞往往影响多个下游站点,建议用户及时更新并严格审查第三方组件的安全性。

Top products by WPFactory: Wishlist for WooCommerce Products, Order & Customers Export for WooCommerce EAN for WooCommerce Advanced WooCommerce Product Sales Reporting Additional Custom Product Tabs for WooCommerce Helpdesk Support Ticket System for WooCommerce Product XML Feed Manager for WooCommerce Free Shipping Bar: Amount Left for Free Shipping for WooCommerce Adverts Back Button Widget Cost of Goods for WooCommerce Sitewide Discount for WooCommerce: Apply Discount to All Products Maximum Products per User for WooCommerce Slugs Manager CRM ERP Business Solution Min Max Step Quantity Limits Manager for WooCommerce Coupons & Add to Cart by URL Links for WooCommerce Product Notes Tab & Private Admin Notes for WooCommerce Email Verification for WooCommerce Additional Custom Emails & Recipients for WooCommerce Change Add to Cart Button Text for WooCommerce Awesome Shortcodes Custom Checkout Fields for WooCommerce Product Excel Import Export & Bulk Edit for WooCommerce MSRP (RRP) Pricing for WooCommerce Custom CSS, JS & PHP WPFactory Helper EU/UK VAT Manager for WooCommerce Quantity Dynamic Pricing & Bulk Discounts for WooCommerce Scheduled & Automatic Order Status Controller for WooCommerce
CVE ID标题CVSS风险等级Published
CVE-2026-24993 WordPress plugin Advanced WooCommerce Product Sales Reporting SQL注入漏洞 — Advanced WooCommerce Product Sales ReportingCWE-89 9.3 Critical2026-03-25
CVE-2026-23977 WordPress plugin Helpdesk Support Ticket System for WooCommerce 安全漏洞 — Helpdesk Support Ticket System for WooCommerceCWE-862 7.5 High2026-03-25
CVE-2026-24992 WordPress plugin Advanced WooCommerce Product Sales Reporting 安全漏洞 — Advanced WooCommerce Product Sales ReportingCWE-201 5.3 Medium2026-02-03
CVE-2025-69334 WordPress plugin Wishlist for WooCommerce 跨站脚本漏洞 — Wishlist for WooCommerceCWE-79 6.5 Medium2026-01-06
CVE-2025-62096 WordPress plugin Maximum Products per User for WooCommerce 跨站脚本漏洞 — Maximum Products per User for WooCommerceCWE-79 6.5 Medium2025-12-31
CVE-2025-68528 WordPress plugin Free Shipping Bar: Amount Left for Free Shipping for WooCommerce 安全漏洞 — Free Shipping Bar: Amount Left for Free Shipping for WooCommerceCWE-79 6.5 Medium2025-12-24
CVE-2025-57911 WordPress plugin Adverts 跨站脚本漏洞 — AdvertsCWE-79 6.5 Medium2025-09-22
CVE-2025-57972 WordPress plugin Helpdesk Support Ticket System for WooCommerce 安全漏洞 — Helpdesk Support Ticket System for WooCommerceCWE-862 4.3 Medium2025-09-22
CVE-2025-58985 WordPress plugin Additional Custom Product Tabs for WooCommerce 跨站脚本漏洞 — Additional Custom Product Tabs for WooCommerceCWE-79 6.5 Medium2025-09-09
CVE-2025-49887 WordPress plugin Product XML Feed Manager for WooCommerce 代码注入漏洞 — Product XML Feed Manager for WooCommerceCWE-94 9.9 Critical2025-08-14
CVE-2025-30959 WordPress plugin Product XML Feed Manager for WooCommerce 安全漏洞 — Product XML Feed Manager for WooCommerceCWE-862 6.5 Medium2025-07-16
CVE-2025-49319 WordPress plugin Wishlist for WooCommerce 安全漏洞 — Wishlist for WooCommerceCWE-862 6.5 Medium2025-07-16
CVE-2025-49987 WordPress plugin CRM ERP Business Solution 安全漏洞 — CRM ERP Business SolutionCWE-862 5.3 Medium2025-06-20
CVE-2025-49510 WordPress plugin Min Max Step Quantity Limits Manager for WooCommerce 跨站请求伪造漏洞 — Min Max Step Quantity Limits Manager for WooCommerceCWE-352 4.3 Medium2025-06-10
CVE-2025-48254 WordPress plugin Change Add to Cart Button Text for WooCommerce 跨站脚本漏洞 — Change Add to Cart Button Text for WooCommerceCWE-79 6.5 Medium2025-05-19
CVE-2025-48253 WordPress plugin Free Shipping Bar 跨站脚本漏洞 — Free Shipping Bar: Amount Left for Free Shipping for WooCommerceCWE-79 6.5 Medium2025-05-19
CVE-2025-48252 WordPress plugin Back Button Widget 跨站脚本漏洞 — Back Button WidgetCWE-79 6.5 Medium2025-05-19
CVE-2025-48250 WordPress plugin Coupons & Add to Cart by URL Links for WooCommerce 跨站脚本漏洞 — Coupons & Add to Cart by URL Links for WooCommerceCWE-79 6.5 Medium2025-05-19
CVE-2025-48251 WordPress plugin Additional Custom Emails & Recipients for WooCommerce 跨站脚本漏洞 — Additional Custom Emails & Recipients for WooCommerceCWE-79 6.5 Medium2025-05-19
CVE-2025-48248 WordPress plugin Sitewide Discount for WooCommerce 跨站脚本漏洞 — Sitewide Discount for WooCommerce: Apply Discount to All ProductsCWE-79 6.5 Medium2025-05-19
CVE-2025-48249 WordPress plugin EAN for WooCommerce 跨站脚本漏洞 — EAN for WooCommerceCWE-79 6.5 Medium2025-05-19
CVE-2025-48240 WordPress plugin Cost of Goods for WooCommerce 跨站脚本漏洞 — Cost of Goods for WooCommerceCWE-79 6.5 Medium2025-05-19
CVE-2025-48239 WordPress plugin Product Notes Tab & Private Admin Notes for WooCommerce 跨站脚本漏洞 — Product Notes Tab & Private Admin Notes for WooCommerceCWE-79 6.5 Medium2025-05-19
CVE-2025-48237 WordPress plugin Wishlist for WooCommerce 跨站脚本漏洞 — Wishlist for WooCommerceCWE-79 6.5 Medium2025-05-19
CVE-2025-47504 WordPress plugin Custom Checkout Fields for WooCommerce 跨站脚本漏洞 — Custom Checkout Fields for WooCommerceCWE-79 6.5 Medium2025-05-07
CVE-2025-32552 WordPress plugin MSRP (RRP) Pricing for WooCommerce 跨站脚本漏洞 — MSRP (RRP) Pricing for WooCommerceCWE-79 7.1 High2025-04-17
CVE-2025-32674 WordPress plugin Product Excel Import Export & Bulk Edit for WooCommerce 跨站脚本漏洞 — Product Excel Import Export & Bulk Edit for WooCommerceCWE-79 7.1 High2025-04-17
CVE-2025-39601 WordPress plugin Custom CSS, JS & PHP 跨站请求伪造漏洞 — Custom CSS, JS & PHPCWE-352 9.6 Critical2025-04-16
CVE-2025-26749 WordPress plugin Additional Custom Product Tabs for WooCommerce 跨站脚本漏洞 — Additional Custom Product Tabs for WooCommerceCWE-79 6.5 Medium2025-04-15
CVE-2025-31553 WordPress plugin Advanced WooCommerce Product Sales Reporting SQL注入漏洞 — Advanced WooCommerce Product Sales ReportingCWE-89 9.3 Critical2025-04-01

本页汇总了 WPFactory 厂商截至目前公开的全部 47 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。