Woocommerce Dropshipping CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-49071	2 Opmc, Wordpress	2 Woocommerce Dropshipping, Wordpress	2026-06-17	6.5 Medium
Unauthenticated Broken Authentication in WooCommerce Dropshipping <= 5.2.4 versions.
CVE-2022-3481	1 Opmc	1 Woocommerce Dropshipping	2025-05-01	9.8 Critical
The WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection
CVE-2024-35748	1 Opmc	1 Woocommerce Dropshipping	2024-11-21	5.3 Medium
Missing Authorization vulnerability in OPMC WooCommerce Dropshipping.This issue affects WooCommerce Dropshipping: from n/a through 5.0.4.

Page 1 of 1.