Browse all 7 CVE security advisories affecting shawfactor. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Shawfactor primarily develops web applications and APIs for enterprise clients, with a core focus on custom business solutions. Historically, their vulnerabilities have commonly included stored cross-site scripting (XSS), server-side request forgery (SSRF), and authentication bypass flaws, with several instances leading to remote code execution. Their security posture has shown inconsistent patch management practices, evidenced by multiple CVEs remaining unaddressed for extended periods. While no major public breaches have been directly attributed to their products, the consistent pattern of similar vulnerability types across different implementations suggests systemic issues in their secure development lifecycle.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-9633 | LH Signing <= 2.83 - Cross-Site Request Forgery — LH SigningCWE-352 | 4.3 | Medium | 2025-09-11 |
| CVE-2025-30587 | WordPress LH OGP Meta plugin <= 1.73 - CSRF to Stored XSS Vulnerability — LH OGP MetaCWE-352 | 7.1 | High | 2025-03-24 |
| CVE-2025-23676 | WordPress LH Email plugin <= 1.12 - Reflected Cross Site Scripting (XSS) vulnerability — LH EmailCWE-79 | 7.1 | High | 2025-01-22 |
| CVE-2025-23547 | WordPress LH Login Page plugin <= 2.14 - Reflected Cross Site Scripting (XSS) vulnerability — LH Login PageCWE-79 | 7.1 | High | 2025-01-16 |
| CVE-2024-51572 | WordPress LH QR Codes plugin <= 1.06 - Stored Cross Site Scripting (XSS) vulnerability — LH QR CodesCWE-79 | 6.5 | Medium | 2024-11-11 |
| CVE-2024-9220 | LH Copy Media File <= 1.08 - Reflected Cross-Site Scripting — LH Copy Media FileCWE-79 | 6.1 | Medium | 2024-10-01 |
| CVE-2024-7090 | LH Add Media From Url <= 1.23 - Reflected Cross-Site Scripting — LH Add Media From UrlCWE-79 | 6.1 | Medium | 2024-08-21 |
This page lists every published CVE security advisory associated with shawfactor. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.