Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

flycart — Vulnerabilities & Security Advisories 4

Browse all 4 CVE security advisories affecting flycart. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Flycart is an e-commerce platform designed for online shopping carts and payment processing. Historically, it has been susceptible to multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues, as evidenced by its four recorded CVEs. These vulnerabilities often stem from insufficient input validation and insecure authentication mechanisms. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for unpatched implementations. Organizations using this platform should prioritize timely updates and implement additional security controls to mitigate exposure to known exploitation vectors.

Top products by flycart: Discount Rules for WooCommerce UpsellWP
CVE IDTitleCVSSSeverityPublished
CVE-2026-32459 WordPress UpsellWP plugin <= 2.2.4 - SQL Injection vulnerability — UpsellWPCWE-89 7.6 High2026-03-13
CVE-2026-25419 WordPress UpsellWP plugin <= 2.2.5 - Broken Access Control vulnerability — UpsellWPCWE-862 4.3 Medium2026-02-19
CVE-2020-36834 Discount Rules for WooCommerce <= 2.0.2 - Missing Authorization — Discount Rules for WooCommerceCWE-862 6.3 Medium2024-10-16
CVE-2024-8541 Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons <= 2.6.5 - Reflected Cross-Site Scripting — Discount Rules for WooCommerceCWE-79 4.7 Medium2024-10-16

This page lists every published CVE security advisory associated with flycart. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.