Vendor

wpcraft

Products

CVEs

Across products

Status

Private

Products

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2025-57956	wpcraft WooMS	Med	0.38	5.9	0.00		Sep 22, 2025	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpcraft WooMS wooms allows Stored XSS.This issue affects WooMS: from n/a through <= 9.12.
CVE-2025-57957	wpcraft WooMS	Med	0.34	5.3	0.00		Sep 22, 2025	Missing Authorization vulnerability in wpcraft WooMS wooms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooMS: from n/a through <= 9.12.

CVE-2025-57956MedSep 22, 2025
wpcraft
WooMS
risk 0.38cvss 5.9epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpcraft WooMS wooms allows Stored XSS.This issue affects WooMS: from n/a through <= 9.12.
CVE-2025-57957MedSep 22, 2025
wpcraft
WooMS
risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in wpcraft WooMS wooms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooMS: from n/a through <= 9.12.