4:["$","div",null,{"className":"wrap","children":[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"CollectionPage\",\"name\":\"Vulnerabilities in WPFactory\",\"url\":\"https://vexday.io/en/vendor/WPFactory\",\"isPartOf\":{\"@type\":\"WebSite\",\"name\":\"Vexday\",\"url\":\"https://vexday.io\"},\"mainEntity\":{\"@type\":\"ItemList\",\"numberOfItems\":48},\"breadcrumb\":{\"@type\":\"BreadcrumbList\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https://vexday.io/en\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Technologies\",\"item\":\"https://vexday.io/en/vendors\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"WPFactory\"}]}}"}}],["$","nav",null,{"className":"crumbs","children":[["$","$La",null,{"href":"/en","children":"Home"}]," ",["$","span",null,{"children":"/"}]," ",["$","$La",null,{"href":"/en/vendors","children":"Technologies"}]," ",["$","span",null,{"children":"/"}]," ",["$","b",null,{"children":"WPFactory"}]]}],["$","div",null,{"className":"sec-head","style":{"marginTop":18},"children":[["$","h1",null,{"style":{"fontSize":"1.7rem","margin":0,"fontFamily":"var(--font-display)","fontWeight":700},"children":["Vulnerabilities in"," ",["$","span",null,{"style":{"color":"var(--orange)"},"children":"WPFactory"}]]}],["$","span",null,{"className":"t","children":["48"," ","results"]}]]}],["$","div",null,{"className":"list","children":[["$","$La","CVE-2024-34370",{"className":"item","href":"/en/cve/CVE-2024-34370","children":[["$","span",null,{"className":"cid","children":"CVE-2024-34370"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress EAN for WooCommerce plugin <= 4.8.9 - Arbitrary Option Update to Privilege Escalation vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"1.1%"}]]}],false]}]]}],["$","$La","CVE-2023-23868",{"className":"item","href":"/en/cve/CVE-2023-23868","children":[["$","span",null,{"className":"cid","children":"CVE-2023-23868"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Cost of Goods for WooCommerce plugin <= 2.8.6 - Broken Access Control vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.6%"}]]}],false]}]]}],["$","$La","CVE-2025-31553",{"className":"item","href":"/en/cve/CVE-2025-31553","children":[["$","span",null,{"className":"cid","children":"CVE-2025-31553"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Advanced WooCommerce Product Sales Reporting plugin <= 4.1.1 - SQL Injection vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.5%"}]]}],false]}]]}],["$","$La","CVE-2023-47547",{"className":"item","href":"/en/cve/CVE-2023-47547","children":[["$","span",null,{"className":"cid","children":"CVE-2023-47547"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Products, Order & Customers Export for WooCommerce Plugin <= 2.0.7 is vulnerable to Cross Site Scripting (XSS)"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2025-30781",{"className":"item","href":"/en/cve/CVE-2025-30781","children":[["$","span",null,{"className":"cid","children":"CVE-2025-30781"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Scheduled & Automatic Order Status Controller for WooCommerce plugin <= 3.7.1 - Open Redirection Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-49305",{"className":"item","href":"/en/cve/CVE-2024-49305","children":[["$","span",null,{"className":"cid","children":"CVE-2024-49305"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Customer Email Verification for WooCommerce plugin <= 2.8.10 - SQL Injection vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2024-31276",{"className":"item","href":"/en/cve/CVE-2024-31276","children":[["$","span",null,{"className":"cid","children":"CVE-2024-31276"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Products, Order & Customers Export for WooCommerce plugin <= 2.0.8 - Broken Access Control vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2025-31848",{"className":"item","href":"/en/cve/CVE-2025-31848","children":[["$","span",null,{"className":"cid","children":"CVE-2025-31848"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress WordPress Adverts Plugin plugin <= 1.4 - Broken Access Control vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2026-23977",{"className":"item","href":"/en/cve/CVE-2026-23977","children":[["$","span",null,{"className":"cid","children":"CVE-2026-23977"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Helpdesk Support Ticket System for WooCommerce plugin <= 2.1.2 - Broken Access Control vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2023-36689",{"className":"item","href":"/en/cve/CVE-2023-36689","children":[["$","span",null,{"className":"cid","children":"CVE-2023-36689"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress WPFactory Helper Plugin <= 1.5.2 is vulnerable to Cross Site Scripting (XSS)"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.4%"}]]}],false]}]]}],["$","$La","CVE-2025-49887",{"className":"item","href":"/en/cve/CVE-2025-49887","children":[["$","span",null,{"className":"cid","children":"CVE-2025-49887"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Product XML Feed Manager for WooCommerce Plugin <= 2.9.3 - Remote Code Execution (RCE) Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2023-51399",{"className":"item","href":"/en/cve/CVE-2023-51399","children":[["$","span",null,{"className":"cid","children":"CVE-2023-51399"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Back Button Widget Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS)"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-30959",{"className":"item","href":"/en/cve/CVE-2025-30959","children":[["$","span",null,{"className":"cid","children":"CVE-2025-30959"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Product XML Feed Manager for WooCommerce <= 2.9.2 - Broken Access Control Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-39601",{"className":"item","href":"/en/cve/CVE-2025-39601","children":[["$","span",null,{"className":"cid","children":"CVE-2025-39601"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Custom CSS, JS & PHP plugin <= 2.4.1 - CSRF to RCE vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-43127",{"className":"item","href":"/en/cve/CVE-2024-43127","children":[["$","span",null,{"className":"cid","children":"CVE-2024-43127"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Products, Order & Customers Export for WooCommerce plugin <= 2.0.11 - Reflected Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2026-24993",{"className":"item","href":"/en/cve/CVE-2026-24993","children":[["$","span",null,{"className":"cid","children":"CVE-2026-24993"}],["$","span",null,{"className":"sevtag CRITICAL","children":"CRITICAL"}],["$","span",null,{"className":"tt2","children":"WordPress Advanced WooCommerce Product Sales Reporting plugin <= 4.1.3 - SQL Injection vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-56228",{"className":"item","href":"/en/cve/CVE-2024-56228","children":[["$","span",null,{"className":"cid","children":"CVE-2024-56228"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Wishlist for WooCommerce: Multi Wishlists Per Customer plugin <= 3.1.2 - Reflected Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2024-54209",{"className":"item","href":"/en/cve/CVE-2024-54209","children":[["$","span",null,{"className":"cid","children":"CVE-2024-54209"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress Awesome Shortcodes plugin <= 1.7.2 - Reflected Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-49319",{"className":"item","href":"/en/cve/CVE-2025-49319","children":[["$","span",null,{"className":"cid","children":"CVE-2025-49319"}],["$","span",null,{"className":"sevtag MEDIUM","children":"MEDIUM"}],["$","span",null,{"className":"tt2","children":"WordPress Wishlist for WooCommerce <= 3.2.3 - Broken Access Control Vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}],["$","$La","CVE-2025-32552",{"className":"item","href":"/en/cve/CVE-2025-32552","children":[["$","span",null,{"className":"cid","children":"CVE-2025-32552"}],["$","span",null,{"className":"sevtag HIGH","children":"HIGH"}],["$","span",null,{"className":"tt2","children":"WordPress MSRP (RRP) Pricing for WooCommerce Plugin <= 1.8.1 - Reflected Cross Site Scripting (XSS) vulnerability"}],["$","span",null,{"className":"bd","children":[["$","span",null,{"className":"epss","children":["EPSS ",["$","b",null,{"children":"0.3%"}]]}],false]}]]}]]}],["$","div",null,{"className":"pagination","children":[["$","span",null,{"className":"off","children":"← previous"}],["$","span",null,{"className":"pgnum","children":["page"," ","1"," / ","3"]}],["$","$La",null,{"href":"?page=2","children":"next →"}]]}]]}]