Browse all 4 CVE security advisories affecting Xfinitysoft. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Xfinitysoft develops enterprise software solutions for data management and workflow automation. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and access control flaws. The company maintains four CVE records, with notable issues including authenticated RCE in their flagship platform and stored XSS vulnerabilities affecting multiple customer-facing applications. While no major public security incidents have been documented, their historical vulnerability patterns suggest a need for strengthened security testing protocols, particularly around input sanitization and privilege management in web-based components.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-14070 | Reviewify <= 1.0.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary WooCommerce Coupon Creation — Reviewify — Review Discounts & Photo/Video Reviews for WooCommerce (CWE-862) | 7.5 | High | 2026-01-07 |
| CVE-2025-54042 | WordPress WP Post Hide plugin <= 1.0.9 - Cross Site Request Forgery (CSRF) Vulnerability — WP Post Hide (CWE-352) | 4.3 | Medium | 2025-07-16 |
| CVE-2025-26928 | WordPress Order Limit for WooCommerce plugin <= 3.0.2 - Broken Access Control vulnerability — Order Limit for WooCommerce (CWE-862) | 4.3 | Medium | 2025-02-25 |
| CVE-2025-22681 | WordPress Content Cloner plugin <= 1.0.1 - Broken Access Control vulnerability — Content Cloner (CWE-862) | 4.3 | Medium | 2025-02-03 |
This page lists every published CVE security advisory associated with Xfinitysoft. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.