Browse all 3 CVE security advisories affecting Wholesale Team. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The Wholesale Team primarily manages bulk distribution operations and supply chain logistics. Historically, their systems have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from misconfigured APIs and inadequate input validation. Security characteristics include legacy integrations with third-party vendors and limited encryption in transit. While no major public incidents have been documented, the team's three CVEs highlight persistent authentication weaknesses and insufficient session management. Their infrastructure remains attractive to threat actors due to access to sensitive vendor data and pricing information, necessitating prioritized remediation of identified vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-30224 | WordPress WholesaleX plugin <= 1.3.2 - Unauthenticated PHP Object Injection vulnerability — WholesaleXCWE-502 | 10.0 | Critical | 2024-03-28 |
| CVE-2024-30234 | WordPress WholesaleX plugin <= 1.3.1 - Broken Access Control vulnerability — WholesaleXCWE-862 | 6.5 | Medium | 2024-03-26 |
| CVE-2024-30233 | WordPress WholesaleX plugin <= 1.3.1 - Sensitive Data Exposure on User Export vulnerability — WholesaleXCWE-200 | 6.5 | Medium | 2024-03-26 |
This page lists every published CVE security advisory associated with Wholesale Team. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.