Macrozheng Mall Swarm
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Macrozheng Mall Swarm.
By the Year
In 2026 there have been 0 vulnerabilities in Macrozheng Mall Swarm. Last year, in 2025 Mall Swarm had 6 security vulnerabilities published. Right now, Mall Swarm is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 6 | 5.52 |
It may take a day or so for new Mall Swarm vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Macrozheng Mall Swarm Security Vulnerabilities
mallswarm 1.0.3 delete /member/readHistory/delete Improper Authorization
CVE-2025-14016
5.4 - Medium
- December 04, 2025
A security vulnerability has been detected in macrozheng mall-swarm up to 1.0.3. Affected is the function delete of the file /member/readHistory/delete. Such manipulation of the argument ids leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AuthZ
Mall-swarm 1.0.3 Remote Imp. Auth via orderID (paySuccess)
CVE-2025-13118
6.3 - Medium
- November 13, 2025
A vulnerability was detected in macrozheng mall-swarm up to 1.0.3. Affected by this issue is the function paySuccess of the file /order/paySuccess. The manipulation of the argument orderID results in improper authorization. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AuthZ
Mall-swarm 1.0.3 Improper Auth in cancelOrder (orderId)
CVE-2025-13117
5.4 - Medium
- November 13, 2025
A security vulnerability has been detected in macrozheng mall-swarm and mall up to 1.0.3. Affected by this vulnerability is the function cancelOrder of the file /order/cancelOrder. The manipulation of the argument orderId leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AuthZ
Unauthorized cancelUserOrder in macrozheng mall-swarm <=1.0.3
CVE-2025-13116
5.4 - Medium
- November 13, 2025
A weakness has been identified in macrozheng mall-swarm and mall up to 1.0.3. Affected is the function cancelUserOrder of the file /order/cancelUserOrder. Executing manipulation of the argument orderId can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
AuthZ
Improper Auth via orderId in macrozheng mall-swarm up to 1.0.3 Order Details Hdlr
CVE-2025-13115
4.3 - Medium
- November 13, 2025
A security flaw has been discovered in macrozheng mall-swarm and mall up to 1.0.3. This impacts the function detail of the file /order/detail/ of the component Order Details Handler. Performing manipulation of the argument orderId results in improper authorization. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
AuthZ
Improper Auth in macrozheng mall-swarm 1.0.3 UpdateAttr (Remote)
CVE-2025-13114
6.3 - Medium
- November 13, 2025
A vulnerability was identified in macrozheng mall-swarm up to 1.0.3. This affects the function updateAttr of the file /cart/update/attr. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
AuthZ
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Macrozheng Mall Swarm or by Macrozheng? Click the Watch button to subscribe.
