Vulnerabilities > Woocommerce

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-15	CVE-2017-18356	Code Injection vulnerability in Woocommerce In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an attack is possible after gaining access to the target site with a user account that has at least Shop manager privileges. network low complexity woocommerce CWE-94	8.8
2018-02-08	CVE-2015-2329	Cross-site Scripting vulnerability in Woocommerce Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.3.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via a crafted order. network low complexity woocommerce CWE-79	6.1
2017-01-04	CVE-2016-10112	Cross-site Scripting vulnerability in Woocommerce Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.6.9 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML by providing crafted tax-rate table values in CSV format. network low complexity woocommerce CWE-79	4.8

Vulnerabilities > Woocommerce {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Woocommerce"}]}