GCVE - cpe:2.3:a:aa-team:wzone:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:aa-team:wzone:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Aa Team (`53bc9213-62fe-5149-89ad-3d819a311aa9`)
Product	Wzone (`2b0b9727-849e-5405-91ed-fe112aba6f36`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-27040`	vulnerable	2026-06-03 15:18:05.919038	WordPress WZone plugin <= 14.0.31 - Arbitrary File Deletion vulnerability HIGH (8.8) Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AA-Team WZone woozone allows Path Traversal.This issue affects WZone: from n/a through <= 14.0.31. Published: 2026-03-25T16:14:52.312Z Updated: 2026-04-28T16:14:59.712Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/woozone/vulnerability/wordpress-wzone-plugin-14-0-31-arbitrary-file-deletion-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-27039`	vulnerable	2026-06-03 15:18:05.918583	WordPress WZone plugin <= 14.0.31 - SQL Injection vulnerability HIGH (8.5) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone woozone allows Blind SQL Injection.This issue affects WZone: from n/a through <= 14.0.31. Published: 2026-03-25T16:14:52.135Z Updated: 2026-04-28T16:14:59.687Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/woozone/vulnerability/wordpress-wzone-plugin-14-0-31-sql-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2026-25473`	vulnerable	2026-06-03 15:16:54.674171	WordPress WZone plugin <= 14.0.31 - Broken Access Control vulnerability MEDIUM (5.4) Missing Authorization vulnerability in AA-Team WZone woozone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WZone: from n/a through <= 14.0.31. Published: 2026-02-19T08:27:09.151Z Updated: 2026-04-28T16:14:59.639Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/woozone/vulnerability/wordpress-wzone-plugin-14-0-31-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-33549`	vulnerable	2026-06-03 14:55:52.546687	WordPress WZone plugin <= 14.0.10 - Privilege Escalation vulnerability HIGH (8.8) Improper Privilege Management vulnerability in AA-Team WZone allows Privilege Escalation.This issue affects WZone: from n/a through 14.0.10. Published: 2024-05-17T08:18:11.504Z Updated: 2026-04-28T16:09:42.802Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/woozone/wordpress-wzone-plugin-14-0-10-privilege-escalation-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-33548`	vulnerable	2026-06-03 14:55:52.546371	WordPress WZone plugin <= 14.0.10 - Reflected Cross Site Scripting (XSS) vulnerability HIGH (7.1) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA-Team WZone allows Reflected XSS.This issue affects WZone: from n/a through 14.0.10. Published: 2024-04-29T05:17:53.118Z Updated: 2026-04-28T16:09:42.848Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/woozone/wordpress-wzone-plugin-14-0-10-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-33547`	vulnerable	2026-06-03 14:55:52.546020	WordPress WZone plugin <= 14.0.10 - Site Wide Broken Access Control vulnerability HIGH (8.3) Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10. Published: 2024-06-09T12:08:46.731Z Updated: 2026-04-28T16:09:42.829Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/woozone/wordpress-wzone-plugin-14-0-10-site-wide-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-33546`	vulnerable	2026-06-03 14:55:52.545598	WordPress WZone plugin <= 14.0.10 - Arbitrary SQL Update Execution vulnerability CRITICAL (9.6) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10. Published: 2024-04-29T06:12:49.965Z Updated: 2026-04-28T16:09:42.670Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/woozone/wordpress-wzone-plugin-14-0-10-arbitrary-sql-update-execution-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-33545`	vulnerable	2026-06-03 14:55:52.542407	WordPress WZone plugin <= 14.0.10 - Unauthenticated Broken Access Control vulnerability MEDIUM (5.3) Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10. Published: 2024-06-09T12:10:04.719Z Updated: 2026-04-28T16:09:42.658Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/woozone/wordpress-wzone-plugin-14-0-10-unauthenticated-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-33544`	vulnerable	2026-06-03 14:55:52.541924	WordPress WZone plugin <= 14.0.10 - Unauthenticated SQL Injection vulnerability CRITICAL (9.3) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10. Published: 2024-04-29T06:14:32.419Z Updated: 2026-04-28T16:09:42.647Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/woozone/wordpress-wzone-plugin-14-0-10-unauthenticated-sql-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.