Woocommerce CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (132 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-37873	1 Woocommerce	1 Shipping Multiple Addresses	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Shipping Multiple Addresses plugin <= 3.8.5 versions.
CVE-2023-36514	1 Woocommerce	1 Shipping Multiple Addresses	2024-11-21	6.5 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Shipping Multiple Addresses plugin <= 3.8.5 versions.
CVE-2023-36513	1 Woocommerce	1 Automatewoo	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.5 versions.
CVE-2023-36511	1 Woocommerce	1 Woocommerce Order Barcodes	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Order Barcodes plugin <= 1.6.4 versions.
CVE-2023-35918	1 Woocommerce	1 Bulk Stock Management	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Bulk Stock Management plugin <= 2.2.33 versions.
CVE-2023-35917	1 Woocommerce	1 Paypal Payments	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin <= 2.0.4 versions.
CVE-2023-35880	1 Woocommerce	1 Brands	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Brands plugin <= 1.6.49 versions.
CVE-2023-34004	1 Woocommerce	1 Woocommerce Box Office	2024-11-21	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Box Office plugin <= 1.1.50 versions.
CVE-2023-34003	1 Woocommerce	1 Box Office	2024-11-21	6.5 Medium
Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.1.51.
CVE-2023-33330	1 Woocommerce	1 Automatewoo	2024-11-21	8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50.
CVE-2023-33319	1 Woocommerce	1 Automatewoo	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Follow-Up Emails (AutomateWoo) plugin <= 4.9.40 versions.
CVE-2023-33318	1 Woocommerce	1 Automatewoo	2024-11-21	9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.40.
CVE-2023-33317	1 Woocommerce	1 Returns And Warranty Requests	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Returns and Warranty Requests plugin <= 2.1.6 versions.
CVE-2023-33316	1 Woocommerce	1 Automatewoo	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Follow-Up Emails (AutomateWoo) plugin <= 4.9.40 versions.
CVE-2023-32802	1 Woocommerce	1 Woocommerce Pre-orders	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Pre-Orders plugin <= 1.9.0 versions.
CVE-2023-32801	1 Woocommerce	1 Composite Products	2024-11-21	7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Composite Products plugin <= 8.7.5 versions.
CVE-2023-32799	1 Woocommerce	1 Shipping Multiple Addresses	2024-11-21	6.5 Medium
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Shipping Multiple Addresses.This issue affects Shipping Multiple Addresses: from n/a through 3.8.3.
CVE-2023-32794	1 Woocommerce	1 Product Addons	2024-11-21	8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Add-Ons plugin <= 6.1.3 versions.
CVE-2023-32793	1 Woocommerce	1 Woocommerce Pre-orders	2024-11-21	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Pre-Orders plugin <= 2.0.0 versions.
CVE-2023-32746	1 Woocommerce	1 Woocommerce Brands	2024-11-21	6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Brands plugin <= 1.6.45 versions.

« first previous Page 5 of 7. next last »