Browse all 3 CVE security advisories affecting WebFactory Ltd. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WebFactory Ltd develops enterprise web applications with a focus on e-commerce platforms. Historically, the company's products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and misconfigured access controls. While no major public security incidents have been documented, their CVE history indicates a pattern of security gaps in authentication mechanisms and session management. The organization has shown improvement in patch response times, though legacy systems remain vulnerable to exploitation. Their security posture reflects common challenges in rapid development environments where functionality is prioritized over robust security implementation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-48745 | WordPress Captcha Code plugin <= 2.9 - Captcha Bypass vulnerability — Captcha CodeCWE-307 | 5.3 | Medium | 2024-06-04 |
| CVE-2023-50837 | WordPress Login Lockdown Plugin <= 2.06 is vulnerable to SQL Injection — Login Lockdown – Protect Login FormCWE-89 | 7.6 | High | 2023-12-29 |
| CVE-2023-49747 | WordPress Guest Author Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS) — Guest AuthorCWE-79 | 5.9 | Medium | 2023-12-15 |
This page lists every published CVE security advisory associated with WebFactory Ltd. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.