Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

wpcodefactory — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting wpcodefactory. AI-powered Chinese analysis, POCs, and references for each vulnerability.

WPCodeFactory operates primarily as a developer tool provider, offering plugins that enable WordPress administrators to insert custom code snippets, manage headers, and handle conditional logic without directly editing theme files. This functionality, while convenient, introduces significant security risks when poorly implemented. Historically, the company’s software has been associated with twenty-one recorded Common Vulnerabilities and Exposures (CVEs), predominantly involving unauthenticated remote code execution, cross-site scripting, and privilege escalation flaws. These vulnerabilities often stem from insufficient input validation and inadequate nonce verification in API endpoints, allowing attackers to execute arbitrary PHP code or manipulate administrative functions. Notable incidents highlight the critical nature of these defects, as they frequently grant full server control to malicious actors. The recurring pattern of severe bugs underscores the necessity for rigorous security auditing in code management plugins, as even minor oversights can lead to complete site compromise and data exfiltration.

Found 1 results / 21Clear Filters
Top products by wpcodefactory: Customer Email Verification for WooCommerce Download Plugins and Themes in ZIP from Dashboard EAN Barcode Generator for WooCommerce: UPC, ISBN & GTIN Inventory EU/UK VAT Validation Manager for WooCommerce Cost of Goods: Product Cost & Profit Calculator for WooCommerce Price by Quantity & Bulk Quantity Discounts for WooCommerce Export Products, Orders & Customers for WooCommerce Maximum Products per User for WooCommerce PDF Invoices & Packing Slips Generator for WooCommerce Custom CSS, JS & PHP Additional Custom Order Status for WooCommerce Wishlist for WooCommerce: Multi Wishlists Per Customer Stock History & Reports Manager for WooCommerce Order Minimum/Maximum Amount Limits for WooCommerce WholeSale Products Dynamic Pricing Management WooCommerce
CVE IDTitleCVSSSeverityPublished
CVE-2024-11814 Additional Custom Order Status for WooCommerce <= 1.6.0 - Reflected Cross-Site Scripting — Additional Custom Order Status for WooCommerceCWE-79 6.1 Medium2024-12-04

This page lists every published CVE security advisory associated with wpcodefactory. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.