Vulnerabilities > WOO

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-16	CVE-2017-20193	Cross-site Scripting vulnerability in WOO Product Vendors The Product Vendors is vulnerable to Reflected Cross-Site Scripting via the 'vendor_description' parameter in versions up to, and including, 2.0.35 due to insufficient input sanitization and output escaping. network low complexity woo CWE-79	6.1
2024-06-11	CVE-2023-52186	Missing Authorization vulnerability in WOO Product Vendors Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.2. network low complexity woo CWE-862	5.3
2023-12-18	CVE-2023-33331	SQL Injection vulnerability in WOO Product Vendors Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce Product Vendors allows SQL Injection.This issue affects Product Vendors: from n/a through 2.1.76. network low complexity woo CWE-89	7.2
2023-10-31	CVE-2023-35879	Unspecified vulnerability in WOO Product Vendors Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce Product Vendors allows SQL Injection.This issue affects Product Vendors: from n/a through 2.1.78. network low complexity woo critical	9.8

Vulnerabilities > WOO {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"WOO"}]}