wedevs
Web & CMS Pluginscommercial
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting wedevs.
- CVE-2022-47150WordPress WooCommerce Conversion Tracking plugin <= 2.0.10 - Cross-Site Request Forgery (CSRF) vulnerability4.3
- CVE-2026-4058User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration <= 4.3.2 - Missing Authorization to Authenticated (Subscriber+) Subscription Pack Cancellation4.3
- CVE-2026-4834WP ERP Pro <= 1.5.1 - Unauthenticated SQL Injection via 'search_key' Parameter7.5
- CVE-2026-5127User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration <= 4.3.1 - Authenticated (Subscriber+) PHP Object Injection8.8
- CVE-2026-25468WordPress Happy Addons for Elementor plugin <= 3.20.8 - Sensitive Data Exposure vulnerability5.3
- CVE-2026-42412WordPress WP User Frontend plugin <= 4.3.1 - Broken Access Control vulnerability6.5
- CVE-2026-39520WordPress weDocs plugin <= 2.1.18 - Broken Access Control vulnerability5.3
- CVE-2026-32485WordPress WP User Frontend plugin <= 4.2.8 - Broken Access Control vulnerability7.5
- CVE-2026-24364WordPress WP User Frontend plugin <= 4.2.5 - Broken Access Control vulnerability6.5
- CVE-2026-2233User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration <= 4.2.8 - Missing Authorization to Unauthenticated Arbitrary Post Modification via 'post_id' Parameter5.3
- CVE-2026-31917WordPress WP ERP plugin <= 1.16.10 - SQL Injection vulnerability8.5
- CVE-2026-1565User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration <= 4.2.8 - Authenticated (Author+) Arbitrary File Upload8.8
- CVE-2025-14339weMail <= 2.0.7 - Missing Authorization to Unauthenticated Form Deletion6.5
- CVE-2026-24944WordPress Subscribe2 plugin <= 10.44 - Broken Access Control vulnerability6.5
- CVE-2025-13921weDocs <= 2.1.16 - Missing Authorization to Authenticated (Subscriber+) Documentation Post Update4.3