Vulnerabilities > Woocommerce
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-16 | CVE-2022-0775 | Incorrect Authorization vulnerability in Woocommerce The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment | 4.3 |
2024-01-08 | CVE-2023-52222 | Cross-Site Request Forgery (CSRF) vulnerability in Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.2.2. | 8.8 |
2023-12-28 | CVE-2023-32795 | Deserialization of Untrusted Data vulnerability in Woocommerce Product Addons Deserialization of Untrusted Data vulnerability in WooCommerce Product Add-Ons.This issue affects Product Add-Ons: from n/a through 6.1.3. | 7.2 |
2023-12-21 | CVE-2023-32799 | Authorization Bypass Through User-Controlled Key vulnerability in Woocommerce Shipping multiple Addresses Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Shipping Multiple Addresses.This issue affects Shipping Multiple Addresses: from n/a through 3.8.3. | 6.5 |
2023-12-20 | CVE-2023-33318 | Unrestricted Upload of File with Dangerous Type vulnerability in Woocommerce Automatewoo Unrestricted Upload of File with Dangerous Type vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.40. | 8.8 |
2023-12-20 | CVE-2023-32743 | SQL Injection vulnerability in Woocommerce Automatewoo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 5.7.1. | 4.9 |
2023-12-20 | CVE-2023-33330 | SQL Injection vulnerability in Woocommerce Automatewoo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50. | 8.1 |
2023-11-09 | CVE-2023-32744 | Cross-Site Request Forgery (CSRF) vulnerability in Woocommerce Product Recommendations Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Recommendations plugin <= 2.3.0 versions. | 8.8 |
2023-11-09 | CVE-2023-32745 | Cross-Site Request Forgery (CSRF) vulnerability in Woocommerce Automatewoo Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.1 versions. | 8.8 |
2023-11-09 | CVE-2023-32794 | Cross-Site Request Forgery (CSRF) vulnerability in Woocommerce Product Addons Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Add-Ons plugin <= 6.1.3 versions. | 8.8 |