Vendor
Experts
Products
1
CVEs
3
Across products
3
Status
Private
Products
1- 3 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-57904 | Med | 0.38 | 5.9 | 0.00 | Sep 22, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP-EXPERTS.IN Sales Count Manager for WooCommerce wc-sales-count-manager allows Stored XSS.This issue affects Sales Count Manager for WooCommerce: from n/a through <= 2.6. | ||
| CVE-2025-64249 | Med | 0.34 | 5.3 | 0.00 | Dec 16, 2025 | Missing Authorization vulnerability in WP-EXPERTS.IN Protect WP Admin protect-wp-admin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protect WP Admin: from n/a through <= 4.1. | ||
| CVE-2008-5267 | 0.03 | — | 0.01 | Nov 28, 2008 | SQL injection vulnerability in answer.php in Experts 1.0.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the question_id parameter. |
- risk 0.38cvss 5.9epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP-EXPERTS.IN Sales Count Manager for WooCommerce wc-sales-count-manager allows Stored XSS.This issue affects Sales Count Manager for WooCommerce: from n/a through <= 2.6.
- risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in WP-EXPERTS.IN Protect WP Admin protect-wp-admin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protect WP Admin: from n/a through <= 4.1.
- CVE-2008-5267Nov 28, 2008risk 0.03cvss —epss 0.01
SQL injection vulnerability in answer.php in Experts 1.0.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the question_id parameter.