Vulnerabilities > Wisetr > User Email Verification FOR Woocommerce > 3.1.9

DATE	CVE	VULNERABILITY TITLE	RISK
2023-06-03	CVE-2023-2781	Missing Authentication for Critical Function vulnerability in Wisetr User Email Verification for Woocommerce The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication bypass via authenticate_user_by_email in versions up to, and including, 3.5.0. network low complexity wisetr CWE-306 critical	9.8
2019-08-29	CVE-2018-21007	Improper Access Control vulnerability in Wisetr User Email Verification FOR Woocommerce The woo-confirmation-email plugin before 3.2.0 for WordPress has no blocking of direct access to supportive xl folders inside uploads. network low complexity wisetr CWE-284	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.