Vulnerabilities > Woocommerce
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-16 | CVE-2022-0775 | Incorrect Authorization vulnerability in Woocommerce The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment | 4.3 |
| 2024-01-08 | CVE-2023-52222 | Unspecified vulnerability in Woocommerce Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.2.2. | 8.8 |
| 2023-12-28 | CVE-2023-32795 | Unspecified vulnerability in Woocommerce Product Addons 6.1.3 Deserialization of Untrusted Data vulnerability in WooCommerce Product Add-Ons.This issue affects Product Add-Ons: from n/a through 6.1.3. | 7.2 |
| 2023-12-21 | CVE-2023-32799 | Authorization Bypass Through User-Controlled Key vulnerability in Woocommerce Shipping multiple Addresses Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Shipping Multiple Addresses.This issue affects Shipping Multiple Addresses: from n/a through 3.8.3. | 6.5 |
| 2023-12-20 | CVE-2023-33318 | Unspecified vulnerability in Woocommerce Automatewoo Unrestricted Upload of File with Dangerous Type vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.40. | 8.8 |
| 2023-12-20 | CVE-2023-32743 | Unspecified vulnerability in Woocommerce Automatewoo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 5.7.1. | 4.9 |
| 2023-12-20 | CVE-2023-33330 | Unspecified vulnerability in Woocommerce Automatewoo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50. | 8.1 |
| 2023-11-09 | CVE-2023-32744 | Unspecified vulnerability in Woocommerce Product Recommendations Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Recommendations plugin <= 2.3.0 versions. | 8.8 |
| 2023-11-09 | CVE-2023-32745 | Unspecified vulnerability in Woocommerce Automatewoo Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.1 versions. | 8.8 |
| 2023-11-09 | CVE-2023-32794 | Unspecified vulnerability in Woocommerce Product Addons 6.1.3 Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Add-Ons plugin <= 6.1.3 versions. | 8.8 |