Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

cozyvision1 — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting cozyvision1. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Cozyvision1 develops network video surveillance systems primarily for commercial and industrial security applications. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls. Notable security characteristics include default credentials in some models and unencrypted communications in older firmware versions. While no major public incidents have been widely documented, the six CVEs on record highlight ongoing security concerns, particularly in web interfaces and mobile companion applications that expose devices to potential exploitation.

Top products by cozyvision1: SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery
CVE IDTitleCVSSSeverityPublished
CVE-2025-3876 SMS Alert Order Notifications – WooCommerce <= 3.8.1 - Authenticated (Subscriber+) Privilege Escalation via handleWpLoginCreateUserAction Function — SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart RecoveryCWE-862 8.8 High2025-05-10
CVE-2025-3878 SMS Alert Order Notifications – WooCommerce <= 3.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via sa_verify Shortcode — SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart RecoveryCWE-79 6.4 Medium2025-05-10
CVE-2024-13553 SMS Alert Order Notifications – WooCommerce <= 3.7.9 - Unauthenticated Account Takeover/Privilege Escalation — SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart RecoveryCWE-288 9.8 Critical2025-04-01
CVE-2024-11725 SMS Alert Order Notifications – WooCommerce <= 3.7.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update — SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart RecoveryCWE-862 8.8 High2025-01-07
CVE-2024-10233 SMSAlert - WooCommerce <= 3.7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via sa_subscribe Shortcode — SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart RecoveryCWE-79 6.4 Medium2024-10-29
CVE-2024-1489 SMS Alert Order Notifications – WooCommerce <= 3.6.9 - Cross-Site Request Forgery — SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart RecoveryCWE-352 4.3 Medium2024-03-13

This page lists every published CVE security advisory associated with cozyvision1. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.