Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

tychesoftwares — Vulnerabilities & Security Advisories 31

Browse all 31 CVE security advisories affecting tychesoftwares. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Tychesoftwares operates primarily in the software development and IT services sector, providing enterprise solutions that often involve complex web applications and database management systems. Historical security audits reveal a pattern of vulnerabilities typical for mid-sized software vendors, with Remote Code Execution (RCE) and Cross-Site Scripting (XSS) representing the most frequent critical flaws. These issues often stem from insufficient input validation and improper access controls within their proprietary platforms. While no single catastrophic data breach has been widely publicized, the accumulation of 31 Common Vulnerabilities and Exposures (CVEs) indicates a recurring struggle with secure coding practices. The organization has generally responded to disclosures by issuing patches, yet the high volume of recorded incidents suggests systemic weaknesses in their development lifecycle. This profile highlights the need for rigorous third-party security assessments to mitigate the risk of exploitation in their deployed environments.

Top products by tychesoftwares: Arconix Shortcodes Print Invoice & Delivery Notes for WooCommerce Abandoned Cart Lite for WooCommerce Product Input Fields for WooCommerce Product Delivery Date for WooCommerce – Lite Arconix FAQ Order Delivery Date for WooCommerce Order Delivery Date for WP e-Commerce Custom Order Numbers for WooCommerce Call for Price for WooCommerce
CVE IDTitleCVSSSeverityPublished
CVE-2026-6447 Call for Price for WooCommerce <= 4.2.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Call for Price' Label Settings — Call for Price for WooCommerceCWE-79 4.4 Medium2026-05-02
CVE-2026-25317 WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 5.9.0 - Broken Access Control vulnerability — Print Invoice & Delivery Notes for WooCommerceCWE-862 7.5 High2026-03-25
CVE-2026-24946 WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 5.8.0 - Broken Access Control vulnerability — Print Invoice & Delivery Notes for WooCommerceCWE-862 6.5 Medium2026-02-20
CVE-2025-69027 WordPress Product Delivery Date for WooCommerce – Lite plugin <= 3.2.0 - Broken Access Control vulnerability — Product Delivery Date for WooCommerce – LiteCWE-862 5.3 Medium2025-12-30
CVE-2025-13773 Print Invoice & Delivery Notes for WooCommerce <= 5.8.0 - Unauthenticated Remote Code Execution — Print Invoice & Delivery Notes for WooCommerceCWE-94 9.8 Critical2025-12-24
CVE-2025-63024 WordPress Order Delivery Date for WooCommerce plugin <= 4.3.1 - Broken Access Control vulnerability — Order Delivery Date for WooCommerceCWE-862 5.4 Medium2025-12-09
CVE-2025-13835 WordPress Arconix Shortcodes plugin <= 2.1.20 - Cross Site Scripting (XSS) vulnerability — Arconix ShortcodesCWE-79 6.5 Medium2025-12-01
CVE-2025-66085 WordPress Arconix Shortcodes plugin <= 2.1.18 - Broken Access Control vulnerability — Arconix ShortcodesCWE-862 4.3 Medium2025-11-21
CVE-2025-66071 WordPress Custom Order Numbers for WooCommerce plugin <= 1.11.0 - Broken Access Control vulnerability — Custom Order Numbers for WooCommerceCWE-862 5.3 Medium2025-11-21
CVE-2025-58599 WordPress Order Delivery Date for WooCommerce Plugin <= 4.1.0 - Broken Access Control Vulnerability — Order Delivery Date for WooCommerceCWE-862 4.3 Medium2025-09-03
CVE-2025-49858 WordPress Arconix Shortcodes plugin <= 2.1.17 - Cross Site Scripting (XSS) Vulnerability — Arconix ShortcodesCWE-79 6.5 Medium2025-06-17
CVE-2025-49874 WordPress Arconix FAQ plugin <= 1.9.6 - Broken Access Control Vulnerability — Arconix FAQCWE-862 4.3 Medium2025-06-17
CVE-2025-49239 WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 5.5.0 - Cross Site Request Forgery (CSRF) Vulnerability — Print Invoice & Delivery Notes for WooCommerceCWE-352 5.4 Medium2025-06-06
CVE-2025-47673 WordPress Arconix Shortcodes plugin <= 2.1.16 - Reflected Cross Site Scripting (XSS) vulnerability — Arconix ShortcodesCWE-79 7.1 High2025-05-23
CVE-2025-24621 WordPress Arconix Shortcodes plugin <= 2.1.15 - Reflected Cross Site Scripting (XSS) vulnerability — Arconix ShortcodesCWE-79 7.1 High2025-04-17
CVE-2025-32531 WordPress Arconix FAQ plugin <= 1.9.5 - Reflected Cross Site Scripting (XSS) vulnerability — Arconix FAQCWE-79 7.1 High2025-04-17
CVE-2024-13359 Product Input Fields for WooCommerce <= 1.12.0 - Unauthenticated Limited File Upload — Product Input Fields for WooCommerceCWE-434 8.1 High2025-03-08
CVE-2024-13640 Print Invoice & Delivery Notes for WooCommerce <= 5.4.1 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory — Print Invoice & Delivery Notes for WooCommerceCWE-200 5.9 Medium2025-03-08
CVE-2024-56242 WordPress Arconix Shortcodes plugin <= 2.1.14 - Cross Site Scripting (XSS) vulnerability — Arconix ShortcodesCWE-79 6.5 Medium2025-01-02
CVE-2024-12210 Print Invoice & Delivery Notes for WooCommerce <= 5.4.0 - Missing Authorization to Authenticated (Subscriber+) Logo Deletion — Print Invoice & Delivery Notes for WooCommerceCWE-862 4.3 Medium2024-12-24
CVE-2023-41671 WordPress Abandoned Cart Lite for WooCommerce plugin <= 5.16.1 - Cross Site Request Forgery (CSRF) vulnerability — Abandoned Cart Lite for WooCommerceCWE-862 5.4 Medium2024-12-13
CVE-2024-10857 Product Input Fields for WooCommerce <= 1.9 - Authenticated (Contributor+) Arbitrary File Read — Product Input Fields for WooCommerceCWE-35 6.5 Medium2024-11-26
CVE-2024-10882 Product Delivery Date for WooCommerce - Lite <= 2.8.0 - Reflected Cross-Site Scripting — Product Delivery Date for WooCommerce – LiteCWE-79 6.1 Medium2024-11-13
CVE-2024-10226 Arconix Shortcodes <= 2.1.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via box Shortcode — Arconix ShortcodesCWE-79 6.4 Medium2024-10-29
CVE-2024-9703 Arconix Shortcodes <= 2.1.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Arconix ShortcodesCWE-79 6.4 Medium2024-10-18
CVE-2024-9345 Product Delivery Date for WooCommerce – Lite <= 2.7.3 - Reflected Cross-Site Scripting — Product Delivery Date for WooCommerce – LiteCWE-79 6.1 Medium2024-10-04
CVE-2024-0678 Order Delivery Date for WP e-Commerce <= 1.2 - Unauthenticated Stored Cross-Site Scripting — Order Delivery Date for WP e-CommerceCWE-79 6.5 Medium2024-02-05
CVE-2021-4414 Abandoned Cart Lite for WooCommerce <= 5.8.5 - Cross-Site Request Forgery Bypass — Abandoned Cart Lite for WooCommerceCWE-352 4.3 Medium2023-07-12
CVE-2019-25152 Abandoned Cart Lite for WooCommerce < 5.2.0 and Abandoned Cart Pro for WooCommerce < 7.13.0 - Stored Cross-Site Scripting — Abandoned Cart Lite for WooCommerceCWE-79 7.2 High2023-06-22
CVE-2023-2986 Abandoned Cart Lite for WooCommerce <= 5.15.1 - Authentication Bypass — Abandoned Cart Lite for WooCommerceCWE-288 9.8 Critical2023-06-08

This page lists every published CVE security advisory associated with tychesoftwares. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.