Latest medium severity vulnerabilities for vendor "wpfactory"

Filter

AND

Sort:

Software

wpfactory

wpfactory eu/uk vat manager for woocommerce wordpress

wpfactory additional custom product tabs for woocommerce

wpfactory cost of goods for woocommerce

wpfactory cost of goods for woocommerce wordpress

wpfactory custom checkout fields for woocommerce

wpfactory custom css, js & php

wpfactory customer email verification for woocommerce

wpfactory download plugins and themes from dashboard

wpfactory ean barcode generator

wpfactory ean for woocommerce

wpfactory maximum products per user for woocommerce

wpfactory products, order & customers export for woocommerce

wpfactory quantity dynamic pricing & bulk discounts for woocommerce

wpfactory quantity dynamic pricing & bulk discounts for woocommerce wordpress

wpfactory scheduled & automatic order status controller for woocommerce

wpfactory wishlist for woocommerce

WPFactory Custom Checkout Fields for WooCommerceWordPress Custom Checkout Fields for WooCommerce <= 1.8.3 - Cross Site Scripting (XSS) Vulnerability

medium

6.5

First published (updated )

CVE-2025-47504

WordPress Additional Custom Product Tabs for WooCommerceWordPress Additional Custom Product Tabs for WooCommerce plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability

medium

6.5

First published (updated )

CVE-2025-26749

Wpfactory Quantity Dynamic Pricing & Bulk Discounts for WooCommerceWordPress Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin <= 4.0.0 - Stored Cross Site Scripting (XSS) vulnerability

medium

6.5

EPSS

0.03%

First published (updated )

CVE-2025-31598

WPFactory EAN Barcode GeneratorWordPress EAN Barcode Generator <= 5.3.5 - Broken Access Control vulnerability

medium

4.3

First published (updated )

CVE-2025-22673

WordPress Scheduled & Automatic Order Status Controller for WooCommerceWordPress Scheduled & Automatic Order Status Controller for WooCommerce <= 3.7.1 - Open Redirection Vulnerability

medium

4.7

EPSS

0.03%

First published (updated )

CVE-2025-30781

Never miss a vulnerability like this again

Read More Start Free Trial

WooCommerce Wishlist for WooCommerceWishlist for WooCommerce: Multi Wishlists Per Customer <= 3.1.7 - Cross-Site Request Forgery to Cross-Site Scriping via Wishlist Name

medium

6.5

First published (updated )

CVE-2024-13774

Wpfactory Customer Email Verification for WooCommerceCustomer Email Verification for WooCommerce <= 2.9.4 - Authenticated (Contributor+) Sensitive Information Exposure

medium

6.5

First published (updated )

CVE-2024-13525

WooCommerce Cost of GoodsWordPress Cost of Goods for WooCommerce plugin <= 2.8.6 - Broken Access Control vulnerability

medium

5.4

First published (updated )

CVE-2023-23868

Wpfactory Products, Order & Customers Export For WoocommerceProducts, Order & Customers Export for WooCommerce <= 2.0.15 - Reflected Cross-Site Scripting

medium

6.1

EPSS

0.05%

First published (updated )

CVE-2024-9377

Wpfactory Maximum Products Per User For WoocommerceMaximum Products per User for WooCommerce <= 4.2.8 - Reflected Cross-Site Scripting

medium

6.1

EPSS

0.05%

First published (updated )

CVE-2024-9205

Never miss a vulnerability like this again

Read More Start Free Trial

Wpfactory Quantity Dynamic Pricing & Bulk Discounts for WooCommerce WordPressQuantity Dynamic Pricing & Bulk Discounts for WooCommerce <= 3.8.0 - Reflected Cross-Site Scripting

medium

6.1

EPSS

0.05%

First published (updated )

CVE-2024-9384

Wpfactory EU/UK VAT Manager for WooCommerce WordPressEU/UK VAT Manager for WooCommerce <= 2.12.12 - Missing Authorization

medium

5.3

EPSS

0.05%

First published (updated )

CVE-2024-9189

Wpfactory EU/UK VAT Manager for WooCommerce WordPressEU/UK VAT Manager for WooCommerce <= 2.12.12 - Reflected Cross-Site Scripting

medium

6.1

EPSS

0.05%

First published (updated )

CVE-2024-8788

WpfactoryWPFactory Helper <= 1.7.0 - Reflected Cross-Site Scripting

medium

6.1

EPSS

0.05%

First published (updated )

CVE-2024-8656

WPFactory EAN for WooCommerceXSS

medium

6.4

First published (updated )

CVE-2023-6892

Never miss a vulnerability like this again

Read More Start Free Trial

WooCommerce EAN for WooCommerceThe EAN for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in al…

medium

4.3

First published (updated )

CVE-2023-6897

WpfactoryWordPress Slugs Manager plugin <= 2.6.7 - Cross Site Request Forgery (CSRF) vulnerability

medium

4.3

EPSS

0.04%

First published (updated )

CVE-2024-30536

WooCommerce Cost & Profit CalculatorXSS

medium

6.1

First published (updated )

CVE-2024-0821

WpfactoryWordPress Back Button Widget Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS)

medium

6.5

First published (updated )

CVE-2023-51399

Wpfactory Custom Css, Js & PhpCSRF

medium

4.3

First published (updated )

CVE-2021-4418

Never miss a vulnerability like this again

Read More Start Free Trial

WpfactoryFile Renaming on Upload < 2.5.2 - Admin+ Stored Cross-Site Scripting

medium

4.8

First published (updated )

CVE-2023-2684

WpfactoryEAN for WooCommerce < 4.4.3 - Contributor+ Stored XSS

medium

5.4

First published (updated )

CVE-2023-0062

Wpfactory Download Plugins And Themes From DashboardXSS

medium

6.1

First published (updated )

CVE-2019-17239

Trending

Software

WPFactory Custom Checkout Fields for WooCommerceWordPress Custom Checkout Fields for WooCommerce <= 1.8.3 - Cross Site Scripting (XSS) Vulnerability

WordPress Additional Custom Product Tabs for WooCommerceWordPress Additional Custom Product Tabs for WooCommerce plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability

Wpfactory Quantity Dynamic Pricing & Bulk Discounts for WooCommerceWordPress Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin <= 4.0.0 - Stored Cross Site Scripting (XSS) vulnerability

WPFactory EAN Barcode GeneratorWordPress EAN Barcode Generator <= 5.3.5 - Broken Access Control vulnerability

WordPress Scheduled & Automatic Order Status Controller for WooCommerceWordPress Scheduled & Automatic Order Status Controller for WooCommerce <= 3.7.1 - Open Redirection Vulnerability

Never miss a vulnerability like this again

WooCommerce Wishlist for WooCommerceWishlist for WooCommerce: Multi Wishlists Per Customer <= 3.1.7 - Cross-Site Request Forgery to Cross-Site Scriping via Wishlist Name

Wpfactory Customer Email Verification for WooCommerceCustomer Email Verification for WooCommerce <= 2.9.4 - Authenticated (Contributor+) Sensitive Information Exposure

WooCommerce Cost of GoodsWordPress Cost of Goods for WooCommerce plugin <= 2.8.6 - Broken Access Control vulnerability

Wpfactory Products, Order & Customers Export For WoocommerceProducts, Order & Customers Export for WooCommerce <= 2.0.15 - Reflected Cross-Site Scripting

Wpfactory Maximum Products Per User For WoocommerceMaximum Products per User for WooCommerce <= 4.2.8 - Reflected Cross-Site Scripting

Never miss a vulnerability like this again

Wpfactory Quantity Dynamic Pricing & Bulk Discounts for WooCommerce WordPressQuantity Dynamic Pricing & Bulk Discounts for WooCommerce <= 3.8.0 - Reflected Cross-Site Scripting

Wpfactory EU/UK VAT Manager for WooCommerce WordPressEU/UK VAT Manager for WooCommerce <= 2.12.12 - Missing Authorization

Wpfactory EU/UK VAT Manager for WooCommerce WordPressEU/UK VAT Manager for WooCommerce <= 2.12.12 - Reflected Cross-Site Scripting

WpfactoryWPFactory Helper <= 1.7.0 - Reflected Cross-Site Scripting

WPFactory EAN for WooCommerceXSS

Never miss a vulnerability like this again

WooCommerce EAN for WooCommerceThe EAN for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in al…

WpfactoryWordPress Slugs Manager plugin <= 2.6.7 - Cross Site Request Forgery (CSRF) vulnerability

WooCommerce Cost & Profit CalculatorXSS

WpfactoryWordPress Back Button Widget Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS)

Wpfactory Custom Css, Js & PhpCSRF

Never miss a vulnerability like this again

WpfactoryFile Renaming on Upload < 2.5.2 - Admin+ Stored Cross-Site Scripting

WpfactoryEAN for WooCommerce < 4.4.3 - Contributor+ Stored XSS

Wpfactory Download Plugins And Themes From DashboardXSS

Company

Resources

Contact