realmag777 — Vulnerabilities & Security Advisories 109

Browse all 109 CVE security advisories affecting realmag777. AI-powered Chinese analysis, POCs, and references for each vulnerability.

realmag777 is a software vendor primarily known for developing and distributing e-commerce solutions and digital marketplace platforms. Historical security audits reveal a pattern of critical vulnerabilities, with 109 CVEs currently on record. The most prevalent flaw classes include Remote Code Execution (RCE) and Cross-Site Scripting (XSS), often stemming from insufficient input validation and improper sanitization of user-supplied data. Additionally, the software has frequently exhibited insecure direct object references and privilege escalation issues, allowing unauthorized users to access sensitive administrative functions or modify system configurations. These defects typically arise from legacy codebases that lack modern security controls and regular patching cycles. Major incidents have involved data breaches exposing customer personal information and payment details due to unpatched SQL injection flaws. The high volume of disclosed vulnerabilities suggests a reactive rather than proactive security posture, requiring immediate attention to code review processes and dependency management to mitigate ongoing risks for enterprise clients relying on this infrastructure.

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2024-31430 | Cross-Site Request Forgery (CSRF) vulnerability in realmag777 BEAR and WOLF WordPress plugins — WOLF – WordPress Posts Bulk Editor and Manager Professional | CWE-352 | 4.3 | Medium | 2024-04-10 |
| CVE-2024-30462 | WordPress HUSKY plugin <= 1.3.5.1 - Cross Site Request Forgery (CSRF) vulnerability — HUSKY – Products Filter for WooCommerce (formerly WOOF) | CWE-352 | 4.3 | Medium | 2024-03-29 |
| CVE-2024-30463 | WordPress BEAR plugin <= 1.1.4.3 - Broken Access Control vulnerability — BEAR | CWE-862 | 4.3 | Medium | 2024-03-29 |
| CVE-2024-30456 | WordPress WPCS – WordPress Currency Switcher Professional plugin <=1.2.0.1 - Cross Site Request Forgery (CSRF) vulnerability — WPCS | CWE-352 | 4.3 | Medium | 2024-03-29 |
| CVE-2024-30457 | WordPress MDTF plugin <= 1.3.3.1 - Cross Site Request Forgery (CSRF) vulnerability — WordPress Meta Data and Taxonomies Filter (MDTF) | CWE-352 | 4.3 | Medium | 2024-03-29 |
| CVE-2024-30458 | WordPress FOX – Currency Switcher Professional for WooCommerce plugin <= 1.4.1.7 - Cross Site Request Forgery (CSRF) vulnerability — WOOCS – WooCommerce Currency Switcher | CWE-352 | 4.3 | Medium | 2024-03-29 |
| CVE-2024-3061 | HUSKY – Products Filter Professional for WooCommerce <= 1.3.5.2 - Authenticated (Admin+) Local File Inclusion — HUSKY – Products Filter Professional for WooCommerce | CWE-98 | 7.2 | High | 2024-03-29 |
| CVE-2024-30200 | WordPress BEAR plugin <= 1.1.4.2 - Reflected Cross Site Scripting (XSS) vulnerability — BEAR | CWE-79 | 7.1 | High | 2024-03-28 |
| CVE-2024-29763 | WordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability — WordPress Meta Data and Taxonomies Filter (MDTF) | CWE-79 | 7.1 | High | 2024-03-27 |
| CVE-2024-29932 | WordPress WordPress Meta Data and Taxonomies Filter (MDTF) plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability — WordPress Meta Data and Taxonomies Filter (MDTF) | CWE-79 | 6.5 | Medium | 2024-03-27 |
| CVE-2024-29906 | WordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability — WordPress Meta Data and Taxonomies Filter (MDTF) | CWE-79 | 5.9 | Medium | 2024-03-27 |
| CVE-2024-24835 | WordPress BEAR plugin <= 1.1.4 - Broken Access Control vulnerability — BEAR | CWE-862 | 4.3 | Medium | 2024-03-23 |
| CVE-2023-50861 | WordPress HUSKY plugin <= 1.3.4.3 - Cross Site Request Forgery (CSRF) vulnerability — HUSKY – Products Filter for WooCommerce (formerly WOOF) | CWE-352 | 4.3 | Medium | 2024-03-15 |
| CVE-2024-1795 | HUSKY – Products Filter for WooCommerce Professional <= 1.3.5.2 - Authenticated (Contributor+) SQL Injection — HUSKY – Products Filter Professional for WooCommerce | CWE-89 | 8.8 | High | 2024-03-15 |
| CVE-2024-1796 | HUSKY – Products Filter for WooCommerce Professional <= 1.3.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — HUSKY – Products Filter Professional for WooCommerce | CWE-79 | 6.4 | Medium | 2024-03-15 |
| CVE-2023-51480 | WordPress Active Products Tables for WooCommerce Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS) — Active Products Tables for WooCommerce. Professional products tables for WooCommerce store | CWE-79 | 6.5 | Medium | 2024-02-10 |
| CVE-2024-24834 | WordPress BEAR Plugin <= 1.1.4 is vulnerable to Cross Site Scripting (XSS) — BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | CWE-79 | 5.9 | Medium | 2024-02-08 |
| CVE-2024-0790 | WOLF – WordPress Posts Bulk Editor and Manager Professional <= 1.0.8.1 - Cross-Site Request Forgery — WOLF – WordPress Posts Bulk Editor and Manager Professional | CWE-352 | 5.4 | Medium | 2024-02-05 |
| CVE-2024-0796 | Active Products Tables for WooCommerce. Professional products tables for WooCommerce store <= 1.0.6.1 - Cross-Site Request Forgery — Active Products Tables for WooCommerce. Use constructor to create tables | CWE-352 | 4.3 | Medium | 2024-02-05 |
| CVE-2024-0791 | WOLF – WordPress Posts Bulk Editor and Manager Professional <= 1.0.8.1 - Missing Authorization — WOLF – WordPress Posts Bulk Editor and Manager Professional | CWE-862 | 4.3 | Medium | 2024-02-05 |
| CVE-2024-0797 | Active Products Tables for WooCommerce. Professional products tables for WooCommerce store <= 1.0.6.1 - Missing Authorization — Active Products Tables for WooCommerce. Use constructor to create tables | CWE-862 | 4.3 | Medium | 2024-02-05 |
| CVE-2023-51506 | WordPress WPCS Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS) — WPCS – WordPress Currency Switcher Professional | CWE-79 | 5.5 | Medium | 2024-02-01 |
| CVE-2024-22159 | WordPress WOLF Plugin <= 1.0.8 is vulnerable to Cross Site Scripting (XSS) — WOLF – WordPress Posts Bulk Editor and Manager Professional | CWE-79 | 7.1 | High | 2024-01-31 |
| CVE-2023-6556 | FOX – Currency Switcher Professional for WooCommerce <= 1.4.1.6 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting — FOX – Currency Switcher Professional for WooCommerce | CWE-79 | 5.4 | Medium | 2024-01-11 |
| CVE-2023-51505 | WordPress Active Products Tables for WooCommerce Plugin <= 1.0.6 is vulnerable to PHP Object Injection — Active Products Tables for WooCommerce. Professional products tables for WooCommerce store | CWE-502 | 10.0 | Critical | 2023-12-29 |
| CVE-2023-40010 | WordPress HUSKY – Products Filter for WooCommerce (formerly WOOF) Plugin <= 1.3.4.2 is vulnerable to SQL Injection — HUSKY – Products Filter for WooCommerce Professional | CWE-89 | 9.3 | Critical | 2023-12-20 |
| CVE-2023-49834 | WordPress WOOCS – WooCommerce Currency Switcher Plugin <= 1.4.1.4 is vulnerable to Cross Site Request Forgery (CSRF) — FOX – Currency Switcher Professional for WooCommerce | CWE-352 | 5.4 | Medium | 2023-12-17 |
| CVE-2023-46152 | WordPress WOLF Plugin <= 1.0.7.1 is vulnerable to Cross Site Request Forgery (CSRF) — WOLF – WordPress Posts Bulk Editor and Manager Professional | CWE-352 | 4.3 | Medium | 2023-10-24 |
| CVE-2023-4941 | BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation — BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | CWE-862 | 4.3 | Medium | 2023-10-20 |
| CVE-2023-4926 | BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Deletion — BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | CWE-352 | 5.4 | Medium | 2023-10-20 |

This page lists every published CVE security advisory associated with realmag777. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.