Known Vulnerabilities for products from WPFactory
Listed below are 15 of the newest known vulnerabilities associated with the vendor "WPFactory".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-24993 json | Not Provided | 2026-03-25 | 2026-03-26 | |
| CVE-2026-23977 json | Not Provided | 2026-03-25 | 2026-03-26 | |
| CVE-2025-62096 json | Not Provided | 2025-12-31 | 2026-04-01 | |
| CVE-2025-58985 json | Not Provided | 2025-09-09 | 2026-04-01 | |
| CVE-2025-57972 json | Not Provided | 2025-09-22 | 2026-04-01 | |
| CVE-2025-57911 json | Not Provided | 2025-09-22 | 2026-04-01 | |
| CVE-2025-49987 json | Not Provided | 2025-06-20 | 2026-04-01 | |
| CVE-2025-49887 json | Not Provided | 2025-08-14 | 2026-04-01 | |
| CVE-2025-49510 json | Not Provided | 2025-06-10 | 2026-04-01 | |
| CVE-2025-49319 json | Not Provided | 2025-07-16 | 2026-04-01 | |
| CVE-2025-48254 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Change Add to... | Not Provided | 2025-05-19 | 2026-04-01 |
| CVE-2025-48253 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Free Shipping... | Not Provided | 2025-05-19 | 2026-04-01 |
| CVE-2025-48252 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Back Button W... | Not Provided | 2025-05-19 | 2026-04-01 |
| CVE-2024-44061 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory EU/UK VAT Man... | Not Provided | 2024-10-20 | 2026-04-01 |
| CVE-2024-13774 json | The Wishlist for WooCommerce: Multi Wishlists Per Customer plugin for WordPress is vulnerable to Cross-Site Request Forgery i... | Not Provided | 2025-03-08 | 2026-04-08 |
| CVE-2024-0821 json | The Cost of Goods Sold (COGS): Cost & Profit Calculator for WooCommerce plugin for WordPress is vulnerable to Reflected Cross... | Not Provided | 2024-02-29 | 2026-04-08 |
| CVE-2023-51399 json | 5.4 - MEDIUM | 2023-12-29 | 2024-01-05 | |
| CVE-2023-47547 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2023-11-14 | 2023-11-20 |
| CVE-2023-36689 json | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPFactory WPFactory Helper plugin <= 1.5.2 versions. | 6.1 - MEDIUM | 2023-08-05 | 2023-08-09 |
| CVE-2023-6897 json | The EAN for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and inc... | Not Provided | 2024-04-18 | 2026-04-08 |
Known software with vulnerabilities from WPFactory
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Wpfactory | Download Plugins And Themes From Dashboard | - |