Browse all 3 CVE security advisories affecting phoeniixx. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Phoeniixx primarily develops web applications and APIs for enterprise clients, with a core focus on e-commerce platforms. Historically, vulnerabilities associated with this entity include remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and misconfigured access controls. Security assessments reveal inconsistent patch management and inadequate dependency hygiene. While no major public incidents have been documented, the three CVEs on record highlight recurring issues in authentication mechanisms and session handling. Their codebase typically shows moderate security maturity with room for improvement in secure coding practices and vulnerability remediation timelines.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-12218 | Woocommerce check pincode/zipcode for shipping <= 2.0.4 - Cross-Site Request Forgery to Reflected Cross-Site Scripting — Woocommerce check pincode/zipcode for shippingCWE-352 | 6.1 | Medium | 2025-01-09 |
| CVE-2024-4552 | Social Login Lite For WooCommerce <= 1.6.0 - Authentication Bypass — Social Login Lite For WooCommerceCWE-288 | 9.8 | Critical | 2024-06-04 |
| CVE-2023-46634 | WordPress Custom My Account for Woocommerce Plugin <= 2.1 is vulnerable to Cross Site Request Forgery (CSRF) — Custom My Account for WoocommerceCWE-352 | 7.1 | High | 2023-11-13 |
This page lists every published CVE security advisory associated with phoeniixx. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.