Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

wpswings — Vulnerabilities & Security Advisories 16

Browse all 16 CVE security advisories affecting wpswings. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Wpswings develops WordPress plugins primarily for e-commerce and business management solutions. Historically, their plugins have frequently contained vulnerabilities including remote code execution, cross-site scripting, and privilege escalation issues, often stemming from insufficient input validation and improper access controls. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities across their products has resulted in 16 CVEs to date, indicating systemic security weaknesses in their development practices. Their plugins' broad functionality and integration with multiple WordPress systems increase potential attack surfaces when vulnerabilities are present.

Found 3 results / 16Clear Filters
Top products by wpswings: Return Refund and Exchange For WooCommerce Ultimate Gift Cards for WooCommerce Wallet System for WooCommerce – Digital Wallet, Buy Now Pay Later (BNPL), Instant Cashback, Referral program, Partial & Subscription Payments WooCommerce Ultimate Gift Card One Click Upsell Funnel for Woocommerce Upsell Funnel Builder for WooCommerce – Create Upsells, Cross-Sells, Order Bumps, Frequently Bought, and Popups. WooCommerce Ultimate Points And Rewards Subscriptions for WooCommerce
CVE IDTitleCVSSSeverityPublished
CVE-2025-5103 Ultimate Gift Cards for WooCommerce <= 3.1.4 - Authenticated (Administrator+) SQL Injection via wps_wgm_save_post Function — Ultimate Gift Cards for WooCommerceCWE-89 4.9 Medium2025-06-03
CVE-2024-1857 Ultimate Gift Cards for WooCommerce – Create, Redeem & Manage Digital Gift Certificates with Personalized Templates <= 2.6.6 - Missing Authorization to Unauthenticated Information Exposure — Ultimate Gift Cards for WooCommerceCWE-862 5.3 Medium2024-03-16
CVE-2021-4391 Ultimate Gift Cards for WooCommerce <= 2.1.1 - Cross-Site Request Forgery Bypass — Ultimate Gift Cards for WooCommerceCWE-352 4.3 Medium2023-07-01

This page lists every published CVE security advisory associated with wpswings. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.