Vulnerabilities > Woocommerce

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-15	CVE-2024-9944	Cross-site Scripting vulnerability in Woocommerce The WooCommerce plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 9.0.2. network low complexity woocommerce CWE-79	6.1
2024-06-14	CVE-2023-51495	Missing Authorization vulnerability in Woocommerce Returns and Warranty Requests Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7. network low complexity woocommerce CWE-862	6.5
2024-06-14	CVE-2023-51496	Missing Authorization vulnerability in Woocommerce Returns and Warranty Requests Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7. network low complexity woocommerce CWE-862	5.3
2024-06-14	CVE-2023-51497	Missing Authorization vulnerability in Woocommerce Shipping multiple Addresses Missing Authorization vulnerability in Woo WooCommerce Ship to Multiple Addresses.This issue affects WooCommerce Ship to Multiple Addresses: from n/a through 3.8.9. network low complexity woocommerce CWE-862	5.4
2024-06-12	CVE-2024-37297	Cross-site Scripting vulnerability in Woocommerce WooCommerce is an open-source e-commerce platform built on WordPress. network low complexity woocommerce CWE-79	5.4
2024-06-09	CVE-2023-34003	Missing Authorization vulnerability in Woocommerce BOX Office Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.1.51. network low complexity woocommerce CWE-862	5.3
2024-06-09	CVE-2023-51494	Missing Authorization vulnerability in Woocommerce Product Vendors Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.1. network low complexity woocommerce CWE-862 critical	9.8
2024-01-16	CVE-2022-0775	Incorrect Authorization vulnerability in Woocommerce The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment network low complexity woocommerce CWE-863	4.3
2024-01-08	CVE-2023-52222	Cross-Site Request Forgery (CSRF) vulnerability in Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.2.2. network low complexity woocommerce CWE-352	8.8
2023-12-28	CVE-2023-32795	Deserialization of Untrusted Data vulnerability in Woocommerce Product Addons 6.1.3 Deserialization of Untrusted Data vulnerability in WooCommerce Product Add-Ons.This issue affects Product Add-Ons: from n/a through 6.1.3. network low complexity woocommerce CWE-502	7.2

Vulnerabilities > Woocommerce {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Woocommerce"}]}

Vulnerabilities > Woocommerce