Browse all 3 CVE security advisories affecting WPWeb Elite. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WPWeb Elite is a WordPress development agency specializing in custom website solutions and plugin development. Historically, their products have been associated with multiple security vulnerabilities, including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation issues. These vulnerabilities often stem from insufficient input validation, improper access controls, and insecure coding practices. The three publicly disclosed CVEs affecting their components highlight ongoing security challenges. While no major public security incidents have been documented, the consistent pattern of vulnerabilities suggests a need for improved security testing and code review processes within their development lifecycle.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-39650 | WordPress WooCommerce PDF Vouchers plugin < 4.9.5 - Unauthenticated Multiple Vulnerabilities — WooCommerce PDF VouchersCWE-862 | 7.3 | High | 2024-11-01 |
| CVE-2024-43132 | WordPress Docket (WooCommerce Collections / Wishlist / Watchlist) plugin < 1.7.0 - Unauthenticated SQL Injection vulnerability — Docket (WooCommerce Collections / Wishlist / Watchlist)CWE-89 | 9.3 | Critical | 2024-08-29 |
| CVE-2024-39652 | WordPress WooCommerce PDF Vouchers plugin < 4.9.5 - Reflected Cross Site Scripting (XSS) vulnerability — WooCommerce PDF VouchersCWE-79 | 7.1 | High | 2024-08-01 |
This page lists every published CVE security advisory associated with WPWeb Elite. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.