Vulnerabilities > Woocommerce

DATE	CVE	VULNERABILITY TITLE	RISK
2024-03-15	CVE-2024-27193	Unspecified vulnerability in Woocommerce Payu India Payment Gateway Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PayU PayU India allows Reflected XSS.This issue affects PayU India: from n/a through 3.8.2. network low complexity woocommerce	6.1
2024-01-16	CVE-2022-0775	Incorrect Authorization vulnerability in Woocommerce The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment network low complexity woocommerce CWE-863	4.3
2024-01-08	CVE-2023-52222	Unspecified vulnerability in Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.2.2. network low complexity woocommerce	8.8
2023-12-28	CVE-2023-32795	Unspecified vulnerability in Woocommerce Product Addons 6.1.3 Deserialization of Untrusted Data vulnerability in WooCommerce Product Add-Ons.This issue affects Product Add-Ons: from n/a through 6.1.3. network low complexity woocommerce	7.2
2023-12-21	CVE-2023-32799	Authorization Bypass Through User-Controlled Key vulnerability in Woocommerce Shipping multiple Addresses Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Shipping Multiple Addresses.This issue affects Shipping Multiple Addresses: from n/a through 3.8.3. network low complexity woocommerce CWE-639	6.5
2023-12-20	CVE-2023-33318	Unspecified vulnerability in Woocommerce Automatewoo Unrestricted Upload of File with Dangerous Type vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.40. network low complexity woocommerce	8.8
2023-12-20	CVE-2023-32743	Unspecified vulnerability in Woocommerce Automatewoo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 5.7.1. network low complexity woocommerce	4.9
2023-12-20	CVE-2023-33330	Unspecified vulnerability in Woocommerce Automatewoo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50. network low complexity woocommerce	8.1
2023-11-09	CVE-2023-32744	Unspecified vulnerability in Woocommerce Product Recommendations Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Recommendations plugin <= 2.3.0 versions. network low complexity woocommerce	8.8
2023-11-09	CVE-2023-32745	Unspecified vulnerability in Woocommerce Automatewoo Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.1 versions. network low complexity woocommerce	8.8

Vulnerabilities > Woocommerce {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Woocommerce"}]}

Vulnerabilities > Woocommerce