Vulnerabilities > Automattic > Woopayments > 3.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-31 | CVE-2023-51503 | Authorization Bypass Through User-Controlled Key vulnerability in Automattic Woopayments Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 6.9.2. | 7.5 |
| 2023-12-20 | CVE-2023-35915 | SQL Injection vulnerability in Automattic Woopayments Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 5.9.0. | 9.8 |
| 2023-12-20 | CVE-2023-35916 | Authorization Bypass Through User-Controlled Key vulnerability in Automattic Woopayments Authorization Bypass Through User-Controlled Key vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo.This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 5.9.0. | 7.5 |
| 2023-12-14 | CVE-2023-49828 | Cross-site Scripting vulnerability in Automattic Woopayments Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic WooPayments – Fully Integrated Solution Built and Supported by Woo allows Stored XSS.This issue affects WooPayments – Fully Integrated Solution Built and Supported by Woo: from n/a through 6.4.2. | 5.4 |