Filters

Software

automattic wp super cache
3
automattic crowdsignal dashboard
2
automattic jetpack
2
automattic woocommerce
2
automattic woocommerce bookings
2
automattic woopayments
2
automattic camptix event ticketing
1
automattic canada post shipping method
1
automattic canvas
1
automattic jetpack crm
1
automattic sensei lms
1
automattic vaultpress
1
automattic w3 super cache
1
automattic woocommerce blocks
1
automattic woocommerce gocardless
1
automattic woocommerce square
1
automattic woocommerce subscriptions
1

Automattic Sensei LmsSensei LMS < 4.24.2 - Unauthenticated Email Template Leak

high
7.5
EPSS
0.22%
First published (updated )
CVE-2024-7786

Automattic Crowdsignal DashboardWordPress Crowdsignal Dashboard – Polls, Surveys & more Plugin <= 3.0.11 is vulnerable to Cross Site Scripting (XSS)

high
7.1
First published (updated )
CVE-2023-51488

Automattic WoopaymentsWordPress WooCommerce Payments Plugin <= 6.6.2 is vulnerable to Insecure Direct Object References (IDOR)

high
7.5
First published (updated )
CVE-2023-51503

Automattic Woocommerce BookingsWordPress WooCommerce Bookings Plugin <= 1.15.78 is vulnerable to Insecure Direct Object References (IDOR)

high
7.5
First published (updated )
CVE-2023-32747

Automattic Woocommerce SubscriptionsWordPress WooCommerce Subscriptions Plugin <= 5.1.2 is vulnerable to Insecure Direct Object References (IDOR)

high
7.5
First published (updated )
CVE-2023-35914

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Automattic WoopaymentsWordPress WooCommerce Payments Plugin <= 5.9.0 is vulnerable to Insecure Direct Object References (IDOR)

high
7.5
First published (updated )
CVE-2023-35916

Automattic Woocommerce SquareWordPress WooCommerce Square Plugin <= 3.8.1 is vulnerable to Insecure Direct Object References (IDOR)

high
8.1
First published (updated )
CVE-2023-35876

Automattic Woocommerce GocardlessWordPress WooCommerce GoCardless Gateway Plugin <= 2.5.6 is vulnerable to Insecure Direct Object References (IDOR)

high
8.2
First published (updated )
CVE-2023-37871

Automattic Canada Post Shipping MethodWordPress WooCommerce Canada Post Shipping Plugin <= 2.8.3 is vulnerable to Cross Site Request Forgery (CSRF)

high
8.8
First published (updated )
CVE-2023-47789

Automattic Woocommerce BookingsWordPress WooCommerce Bookings Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)

high
8.8
First published (updated )
CVE-2023-47787

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Automattic Jetpack CrmThe Jetpack CRM plugin for WordPress is vulnerable to PHAR deserialization via the ‘zbscrmcsvimpf’ p…

high
8.8
First published (updated )
CVE-2022-3342

Automattic JetpackJetpack < 12.1.1 - Author+ Arbitrary File Manipulation via API

high
8.8
First published (updated )
CVE-2023-2996

Automattic Crowdsignal DashboardWordPress Crowdsignal Dashboard plugin <= 3.0.9 - Privilege Escalation vulnerability

high
8.8
First published (updated )
CVE-2022-45069

Automattic VaultpressVaultPress Plugin code injection

high
7.5
First published (updated )
CVE-2017-20086

Automattic Woocommerce BlocksArbitrary SQL (SQL injection) possible via the Store API component.

high
7.5
First published (updated )
CVE-2021-32789

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Automattic Wp Super CacheWP Super Cache < 1.7.3 - Authenticated Remote Code Execution

high
7.2
First published (updated )
CVE-2021-24312

Automattic Wp Super CacheCVE-2021-24209

First published (updated )
CVE-2021-24209

Automattic CanvasBuffer Overflow

high
8.8
First published (updated )
CVE-2020-8215

Automattic Wp Super CacheWordPress WP Super Cache Plugin 1.2 has Remote PHP Code Execution

high
8.8
First published (updated )
CVE-2013-2009

Automattic W3 Super CacheWordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could…

high
8.8
First published (updated )
CVE-2013-2011

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Automattic Camptix Event TicketingCommand Injection

high
7.5
First published (updated )
CVE-2016-10762

Automattic WoocommerceCode Injection

high
8.8
First published (updated )
CVE-2017-18356

Automattic WoocommercePath Traversal

high
7.5
First published (updated )
CVE-2017-17058

Automattic JetpackSQL Injection

high
7.5
First published (updated )
CVE-2011-4673

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203