Vulnerabilities > Woocommerce > High

DATE CVE VULNERABILITY TITLE RISK
2024-01-08 CVE-2023-52222 Cross-Site Request Forgery (CSRF) vulnerability in Woocommerce
Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.2.2.
network
low complexity
woocommerce CWE-352
8.8
8.8
2023-12-28 CVE-2023-32795 Deserialization of Untrusted Data vulnerability in Woocommerce Product Addons
Deserialization of Untrusted Data vulnerability in WooCommerce Product Add-Ons.This issue affects Product Add-Ons: from n/a through 6.1.3.
network
low complexity
woocommerce CWE-502
7.2
7.2
2023-12-20 CVE-2023-33318 Unrestricted Upload of File with Dangerous Type vulnerability in Woocommerce Automatewoo
Unrestricted Upload of File with Dangerous Type vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.40.
network
low complexity
woocommerce CWE-434
8.8
8.8
2023-12-20 CVE-2023-33330 SQL Injection vulnerability in Woocommerce Automatewoo
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50.
network
low complexity
woocommerce CWE-89
8.1
8.1
2023-11-09 CVE-2023-32744 Cross-Site Request Forgery (CSRF) vulnerability in Woocommerce Product Recommendations
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Recommendations plugin <= 2.3.0 versions.
network
low complexity
woocommerce CWE-352
8.8
8.8
2023-11-09 CVE-2023-32745 Cross-Site Request Forgery (CSRF) vulnerability in Woocommerce Automatewoo
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.1 versions.
network
low complexity
woocommerce CWE-352
8.8
8.8
2023-11-09 CVE-2023-32794 Cross-Site Request Forgery (CSRF) vulnerability in Woocommerce Product Addons
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Add-Ons plugin <= 6.1.3 versions.
network
low complexity
woocommerce CWE-352
8.8
8.8
2023-07-17 CVE-2023-36511 Cross-Site Request Forgery (CSRF) vulnerability in Woocommerce Order Barcodes
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Order Barcodes plugin <= 1.6.4 versions.
network
low complexity
woocommerce CWE-352
8.8
8.8
2023-07-17 CVE-2023-36513 Cross-Site Request Forgery (CSRF) vulnerability in Woocommerce Automatewoo
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.5 versions.
network
low complexity
woocommerce CWE-352
8.8
8.8
2023-07-17 CVE-2023-36514 Cross-Site Request Forgery (CSRF) vulnerability in Woocommerce Shipping multiple Addresses
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Shipping Multiple Addresses plugin <= 3.8.5 versions.
network
low complexity
woocommerce CWE-352
8.8
8.8