Browse all 4 CVE security advisories affecting emagicone. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Emagicone develops e-commerce automation tools, primarily for online store management and integration. Historically, their products have been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by their four recorded CVEs. These vulnerabilities often stem from insufficient input validation and insecure authentication mechanisms. While no major public security incidents have been widely documented, the consistent pattern of critical vulnerabilities in their software suggests a need for improved security development practices. Their products' widespread use in e-commerce makes them a potential target for exploitation if not properly maintained and patched.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-5058 | eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_image() — eMagicOne Store Manager for WooCommerceCWE-434 | 9.8 | Critical | 2025-05-24 |
| CVE-2025-4336 | eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_file() — eMagicOne Store Manager for WooCommerceCWE-434 | 8.1 | High | 2025-05-24 |
| CVE-2025-4603 | eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Deletion — eMagicOne Store Manager for WooCommerceCWE-73 | 9.1 | Critical | 2025-05-24 |
| CVE-2025-4602 | eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Read — eMagicOne Store Manager for WooCommerceCWE-73 | 5.9 | Medium | 2025-05-24 |
This page lists every published CVE security advisory associated with emagicone. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.