Filters
Software
woocommerce woocommerce
15
woocommerce automatewoo
7
woocommerce shipping multiple addresses
4
woocommerce woocommerce pre-orders
4
woocommerce returns and warranty requests
3
woocommerce paypal checkout payment gateway
2
woocommerce product addons
2
woocommerce box office wordpress
1
woocommerce brands
1
woocommerce composite products
1
woocommerce gift cards
1
woocommerce help scout wordpress
1
woocommerce icons for features
1
woocommerce nab transact
1
woocommerce payu india payment gateway
1
woocommerce persian woocommerce sms
1
woocommerce persian-woocommerce
1
woocommerce product recommendations
1
woocommerce sidebar manager to woosidebars converter
1
woocommerce stripe payment gateway
1
woocommerce subscriptions
1
woocommerce upload files wordpress
1
woocommerce woocommerce box office
1
woocommerce woocommerce brands
1
woocommerce woocommerce currency switcher
1
woocommerce woocommerce order barcodes
1
woocommerce woocommerce order status change notifier
1
woocommerce wooframework branding
1
woocommerce wooframework tweaks
1
woocommerce woosidebars wordpress
1
Woocommerce WoocommerceWooCommerce <= 9.0.2 - Unauthenticated HTML Injection
6.1
EPSS
0.05%
First published (updated )
Woocommerce Returns And Warranty RequestsWordPress WooCommerce Warranty Requests plugin <= 2.2.7 - Broken Access Control vulnerability
6.5
First published (updated )
Woocommerce Returns And Warranty RequestsWordPress WooCommerce Warranty Requests plugin <= 2.2.7 - Broken Access Control vulnerability
5.3
First published (updated )
Woocommerce Shipping Multiple AddressesWordPress WooCommerce Ship to Multiple Addresses plugin <= 3.8.9 - Broken Access Control vulnerability
5.4
First published (updated )
composer/woocommerce/woocommerceWooCommerce has a Cross-Site Scripting Vulnerability in checkout & registration forms
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Woocommerce Box Office WordpressWordPress WooCommerce Box Office plugin <= 1.1.51 - Unauthenticated Save Ticket Barcode vulnerability
6.5
First published (updated )
Woocommerce WoocommerceWooCommerce < 6.2.1 - Subscriber+ Arbitrary Comment Deletion
4.3
First published (updated )
Woocommerce WoocommerceWordPress WooCommerce Plugin <= 8.2.2 is vulnerable to Cross Site Request Forgery (CSRF)
8.8
First published (updated )
Woocommerce Product AddonsWordPress WooCommerce Product Add-ons Plugin <= 6.1.3 is vulnerable to PHP Object Injection
8.2
First published (updated )
Woocommerce Shipping Multiple AddressesWordPress WooCommerce Ship to Multiple Addresses Plugin <= 3.8.3 is vulnerable to Insecure Direct Object References (IDOR)
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Woocommerce AutomatewooWordPress WooCommerce Follow-Up Emails Plugin <= 4.9.40 is vulnerable to Arbitrary File Upload
9.9
First published (updated )
Woocommerce AutomatewooWordPress AutomateWoo Plugin <= 5.7.1 is vulnerable to SQL Injection
7.6
First published (updated )
Woocommerce AutomatewooWordPress WooCommerce Follow-Up Emails Plugin <= 4.9.50 is vulnerable to SQL Injection
8.5
First published (updated )
Woocommerce Product RecommendationsWordPress WooCommerce Product Recommendations Plugin < 2.3.0 is vulnerable to Cross Site Request Forgery (CSRF)
8.8
First published (updated )
Woocommerce AutomatewooWordPress AutomateWoo Plugin <= 5.7.1 is vulnerable to Cross Site Request Forgery (CSRF)
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Woocommerce Product AddonsWordPress WooCommerce Product Add-ons Plugin <= 6.1.3 is vulnerable to Cross Site Request Forgery (CSRF)
8.8
First published (updated )
Woocommerce Woocommerce Box OfficeWordPress WooCommerce Box Office Plugin <= 1.1.50 is vulnerable to Cross Site Scripting (XSS)
6.5
First published (updated )
Woocommerce Returns And Warranty RequestsWordPress WooCommerce Warranty Requests Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS)
7.1
First published (updated )
Woocommerce Woocommerce BrandsWordPress WooCommerce Brands Plugin <= 1.6.45 is vulnerable to Cross Site Scripting (XSS)
6.5
First published (updated )
Woocommerce Woocommerce Pre-ordersWordPress WooCommerce Pre-Orders Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Woocommerce Woocommerce Pre-ordersWordPress WooCommerce Pre-Orders Plugin <= 1.9.0 is vulnerable to Cross Site Scripting (XSS)
7.1
First published (updated )
Woocommerce Composite ProductsWordPress WooCommerce Composite Products Plugin <= 8.7.5 is vulnerable to Cross Site Scripting (XSS)
7.1
First published (updated )
Woocommerce WoocommerceWordPress Product page shipping calculator for WooCommerce Plugin <= 1.3.25 is vulnerable to Cross Site Scripting (XSS)
5.9
First published (updated )
Woocommerce Shipping Multiple AddressesWordPress WooCommerce Ship to Multiple Addresses Plugin <= 3.8.5 is vulnerable to Cross Site Scripting (XSS)
7.1
First published (updated )
Woocommerce Woocommerce Pre-ordersWooCommerce Pre-Orders < 2.0.3 - Arbitrary Pre-Order Canceling via CSRF
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Woocommerce Woocommerce Pre-ordersWooCommerce Pre-Orders < 2.0.3 - Unauthorised Actions via CSRF
6.5
First published (updated )
Woocommerce Shipping Multiple AddressesWordPress WooCommerce Ship to Multiple Addresses Plugin <= 3.8.5 is vulnerable to Cross Site Request Forgery (CSRF)
8.8
First published (updated )
Woocommerce AutomatewooWordPress AutomateWoo Plugin <= 5.7.5 is vulnerable to Cross Site Request Forgery (CSRF)
8.8
First published (updated )
Woocommerce Woocommerce Order BarcodesWordPress WooCommerce Order Barcodes Plugin <= 1.6.4 is vulnerable to Cross Site Request Forgery (CSRF)
8.8
First published (updated )
Woocommerce BrandsWordPress WooCommerce Brands Plugin <= 1.6.49 is vulnerable to Cross Site Request Forgery (CSRF)
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-35917WordPress WooCommerce PayPal Payments Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF)
8.8
First published (updated )
CVE-2023-35918WordPress WooCommerce Bulk Stock Management Plugin <= 2.2.33 is vulnerable to Cross Site Scripting (XSS)
7.1
First published (updated )
Woocommerce Stripe Payment GatewayUnauth. IDOR vulnerability leading to PII Disclosure in WooCommerce Stripe Payment Gateway plugin <=…
7.5
First published (updated )
Woocommerce Sidebar Manager To Woosidebars ConverterWooSidebars Sidebar Manager Converter Plugin class-woosidebars-sbm-converter.php process_request redirect
6.1
First published (updated )
Woocommerce Woosidebars WordpressWooSidebars Plugin class-woo-sidebars.php enable_custom_post_sidebars redirect
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Woocommerce Wooframework TweaksWooFramework Tweaks Plugin wooframework-tweaks.php admin_screen_logic redirect
6.1
First published (updated )
Woocommerce Wooframework BrandingWooFramework Branding Plugin wooframework-branding.php admin_screen_logic redirect
6.1
First published (updated )
Woocommerce AutomatewooWordPress WooCommerce Follow-Up Emails Plugin <= 4.9.40 is vulnerable to Cross Site Scripting (XSS)
7.1
First published (updated )
Woocommerce Woocommerce Order Status Change NotifierWooCommerce Order Status Change Notifier <= 1.1.0 - Subscriber+ Arbitrary Order Status Update
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Woocommerce Icons For FeaturesIcons for Features Plugin class-icons-for-features-admin.php redirect
6.1
First published (updated )
Woocommerce WoocommerceWooCommerce < 6.6.0 - Admin+ Stored HTML Injection
4.8
First published (updated )
Woocommerce Persian-woocommercePersian Woocommerce <= 5.8.0 - Reflected Cross-Site Scripting
6.1
First published (updated )
Woocommerce Woocommerce Currency SwitcherWooCommerce Currency Switcher < 1.3.7.1 - Reflected Cross-Site Scripting
6.1
First published (updated )
Woocommerce WoocommerceBlind SQL Injection possible via Authenticated Web-hook Search API Endpoint
4.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Woocommerce WoocommerceWoocommerce < 5.2.0 - Authenticated Stored Cross-Site Scripting (XSS)
4.8
First published (updated )
WooCommerce Help Scout WordPressMalicious File Upload
9.8
First published (updated )
WooCommerce Upload Files WordPressMalicious File Upload, Path Traversal
First published (updated )
composer/woocommerce/woocommerceThe WooCommerce plugin before 4.7.0 for WordPress allows remote attackers to view the status of arbi…
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.