Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

edgarrojas — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting edgarrojas. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Edgarrojas primarily focuses on web application security research, identifying vulnerabilities in popular software and frameworks. Historically, their contributions center on remote code execution, cross-site scripting, and privilege escalation flaws, particularly in content management systems and e-commerce platforms. Their work has led to 14 CVE assignments, with several critical findings in widely used plugins and themes. While no major public security incidents are directly attributed to their research, their discoveries have consistently addressed high-impact vulnerabilities affecting real-world deployments. Their profile demonstrates a consistent pattern of uncovering flaws that could lead to complete system compromise or data breaches in affected applications.

Top products by edgarrojas: PDF Builder for WooCommerce. Create invoices,packing slips and more Smart Forms – when you need more than just a contact form WooCommerce PDF Invoice Builder PDF Builder for WPForms Extra Product Options Builder for WooCommerce Smart Forms AIO Forms – Craft Complex Forms Easily
CVE IDTitleCVSSSeverityPublished
CVE-2026-2022 Smart Forms <= 2.6.99 - Missing Authorization to Authenticated (Subscriber+) Campaign Data Exposure — Smart Forms – when you need more than just a contact formCWE-862 4.3 Medium2026-02-14
CVE-2025-64269 WordPress WooCommerce PDF Invoice Builder plugin <= 1.2.150 - Broken Access Control vulnerability — WooCommerce PDF Invoice BuilderCWE-862 4.3 Medium2025-11-13
CVE-2025-11889 AIO Forms <= 1.3.18 - Authenticated (Admin+) Arbitrary File Upload via Zip Import — AIO Forms – Craft Complex Forms EasilyCWE-434 7.2 High2025-10-24
CVE-2025-53203 WordPress WooCommerce PDF Invoice Builder plugin <= 1.2.148 - Cross Site Request Forgery (CSRF) Vulnerability — WooCommerce PDF Invoice BuilderCWE-352 4.3 Medium2025-06-27
CVE-2025-5055 Smart Forms <= 2.6.98 - Authenticated (Admin+) Stored Cross-Site Scripting — Smart Forms – when you need more than just a contact formCWE-79 4.4 Medium2025-05-24
CVE-2023-49856 WordPress Smart Forms plugin <= 2.6.84 - Authenticated Arbitrary Options Change Vulnerability — Smart FormsCWE-862 8.1 High2024-12-09
CVE-2024-11276 PDF Builder for WooCommerce. Create invoices,packing slips and more <= 1.2.136 - Reflected Cross-Site Scripting — PDF Builder for WooCommerce. Create invoices,packing slips and moreCWE-79 6.1 Medium2024-12-06
CVE-2024-9214 Extra Product Options Builder for WooCommerce <= 1.2.133 - Unauthenticated Stored Cross-Site Scripting — Extra Product Options Builder for WooCommerceCWE-79 6.1 Medium2024-10-24
CVE-2024-7414 PDF Builder for WPForms <= 1.2.116 - Unauthenticated Full Path Disclosure — PDF Builder for WPFormsCWE-200 5.3 Medium2024-08-09
CVE-2023-3764 WooCommerce PDF Invoice Builder <= 1.2.90 - Cross-Site Request Forgery via Save — PDF Builder for WooCommerce. Create invoices,packing slips and moreCWE-352 4.3 Medium2023-08-31
CVE-2023-4160 WooCommerce PDF Invoice Builder <= 1.2.90 - Authenticated (Administrator+) Cross-Site Scripting — PDF Builder for WooCommerce. Create invoices,packing slips and moreCWE-79 4.4 Medium2023-08-31
CVE-2023-3677 WooCommerce PDF Invoice Builder <= 1.2.89 - Authenticated (Subscriber+) SQL Injection via Export — PDF Builder for WooCommerce. Create invoices,packing slips and moreCWE-89 8.8 High2023-08-31
CVE-2023-4161 WooCommerce PDF Invoice Builder <= 1.2.90 - Cross-Site Request Forgery to Custom Field Creation — PDF Builder for WooCommerce. Create invoices,packing slips and moreCWE-352 4.3 Medium2023-08-31
CVE-2023-4245 WooCommerce PDF Invoice Builder <= 1.2.89 - Missing Authorization to Sensitive Information Exposure — PDF Builder for WooCommerce. Create invoices,packing slips and moreCWE-862 4.3 Medium2023-08-31

This page lists every published CVE security advisory associated with edgarrojas. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.