Browse all 4 CVE security advisories affecting webwizardsdev. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Webwizardsdev develops web applications and APIs for enterprise clients, with a core focus on custom business solutions. Historically, their products have shown vulnerabilities in remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and misconfigured access controls. While no major public security incidents have been documented, their four recorded CVEs highlight consistent issues with authentication mechanisms and insecure direct object references. The organization's security posture appears reactive rather than proactive, with vulnerabilities typically addressed only after disclosure. Their codebase demonstrates a pattern of security oversights in session management and data sanitization, suggesting a need for more rigorous security testing throughout the development lifecycle.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-13519 | MarketKing — Ultimate WooCommerce Multivendor Marketplace Solution <= 1.9.80 - Authenticated (Shop Manager+) Stored Cross-Site Scripting — MarketKing — Ultimate WooCommerce Multivendor Marketplace SolutionCWE-79 | 4.4 | Medium | 2025-01-18 |
| CVE-2024-12413 | MarketKing — Ultimate WooCommerce Multivendor Marketplace Solution <= 2.0.00 - Missing Authorization — MarketKing — Ultimate WooCommerce Multivendor Marketplace SolutionCWE-862 | 5.3 | Medium | 2024-12-25 |
| CVE-2023-3126 | B2BKing <= 4.6.00 - Missing Authorization to Authenticated(Subscriber+) Information Disclosure — B2BKing — Ultimate WooCommerce B2B and Wholesale Plugin — Wholesale Prices, Bulk Order Form & MoreCWE-862 | 4.3 | Medium | 2023-06-07 |
| CVE-2023-3125 | B2BKing <= 4.6.00 - Missing Authorization to Authenticated(Subscriber+) Price Modification — B2BKing — Ultimate WooCommerce B2B and Wholesale Plugin — Wholesale Prices, Bulk Order Form & MoreCWE-862 | 6.5 | Medium | 2023-06-07 |
This page lists every published CVE security advisory associated with webwizardsdev. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.