Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ivole — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting ivole. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Ivole is a cybersecurity platform focused on vulnerability management and threat intelligence for enterprise environments. Historically, the platform has been associated with vulnerabilities including remote code execution, cross-site scripting, and privilege escalation issues, with 11 CVEs recorded to date. Security assessments indicate common weaknesses in authentication mechanisms and input validation processes. While no major public security incidents have been widely documented, the presence of multiple CVEs suggests ongoing challenges in secure coding practices. Organizations using Ivole should prioritize regular security updates and implement robust access controls to mitigate potential risks associated with these historical vulnerability patterns.

Top products by ivole: Customer Reviews for WooCommerce
CVE IDTitleCVSSSeverityPublished
CVE-2026-3355 Customer Reviews for WooCommerce <= 5.101.0 - Reflected Cross-Site Scripting via 'crsearch' — Customer Reviews for WooCommerceCWE-79 6.1 Medium2026-04-16
CVE-2026-4664 Customer Reviews for WooCommerce <= 5.103.0 - Unauthenticated Authentication Bypass to Arbitrary Review Submission via 'key' Parameter — Customer Reviews for WooCommerceCWE-287 5.3 Medium2026-04-10
CVE-2026-1316 Customer Reviews for WooCommerce <= 5.97.0 - Unauthenticated Stored Cross-Site Scripting via media[].href Parameter — Customer Reviews for WooCommerceCWE-79 7.2 High2026-02-12
CVE-2025-14891 Customer Reviews for WooCommerce <= 5.93.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via displayName Parameter — Customer Reviews for WooCommerceCWE-79 6.4 Medium2026-01-07
CVE-2025-5720 Customer Reviews for WooCommerce <= 5.80.2 - Unauthenticated Stored Cross-Site Scripting via `author` Parameter — Customer Reviews for WooCommerceCWE-79 6.4 Medium2025-07-31
CVE-2024-10614 Customer Reviews for WooCommerce <= 5.61.0 - Missing Authorization to Authenticated (Subscriber+) Import Cancellation — Customer Reviews for WooCommerceCWE-862 4.3 Medium2024-11-16
CVE-2024-3731 Customer Reviews for WooCommerce <= 5.47.0 - Reflected Cross-Site Scripting via 's' — Customer Reviews for WooCommerceCWE-79 6.1 Medium2024-04-19
CVE-2024-3243 Customer Reviews for WooCommerce <= 5.46.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Sending — Customer Reviews for WooCommerceCWE-862 4.3 Medium2024-04-16
CVE-2024-3869 Customer Reviews for WooCommerce <= 5.46.0 - Missing Authorization to Authenticated (Subscriber+) Coupon Search — Customer Reviews for WooCommerceCWE-862 4.3 Medium2024-04-16
CVE-2024-1044 Customer Reviews for WooCommerce <= 5.38.10 - Improper Authorization via submit_review — Customer Reviews for WooCommerceCWE-284 5.3 Medium2024-02-20
CVE-2023-6979 Customer Reviews for WooCommerce <= 5.38.9 - Authenticated (Author+) Arbitrary File Upload — Customer Reviews for WooCommerceCWE-434 8.8 High2024-01-11

This page lists every published CVE security advisory associated with ivole. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.