Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-15	CVE-2024-9944	Cross-site Scripting vulnerability in Woocommerce The WooCommerce plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 9.0.2. network low complexity woocommerce CWE-79	6.1
2024-06-14	CVE-2023-51495	Unspecified vulnerability in Woocommerce Returns and Warranty Requests Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7. network low complexity woocommerce	6.5
2024-06-14	CVE-2023-51496	Unspecified vulnerability in Woocommerce Returns and Warranty Requests Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7. network low complexity woocommerce	5.3
2024-06-14	CVE-2023-51497	Unspecified vulnerability in Woocommerce Shipping multiple Addresses Missing Authorization vulnerability in Woo WooCommerce Ship to Multiple Addresses.This issue affects WooCommerce Ship to Multiple Addresses: from n/a through 3.8.9. network low complexity woocommerce	5.4
2024-06-12	CVE-2024-37297	Cross-site Scripting vulnerability in Woocommerce WooCommerce is an open-source e-commerce platform built on WordPress. network low complexity woocommerce CWE-79	5.4
2024-06-09	CVE-2023-34003	Unspecified vulnerability in Woocommerce BOX Office Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.1.51. network low complexity woocommerce	5.3
2024-01-16	CVE-2022-0775	Incorrect Authorization vulnerability in Woocommerce The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment network low complexity woocommerce CWE-863	4.3
2023-12-21	CVE-2023-32799	Authorization Bypass Through User-Controlled Key vulnerability in Woocommerce Shipping multiple Addresses Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Shipping Multiple Addresses.This issue affects Shipping Multiple Addresses: from n/a through 3.8.3. network low complexity woocommerce CWE-639	6.5
2023-12-20	CVE-2023-32743	Unspecified vulnerability in Woocommerce Automatewoo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 5.7.1. network low complexity woocommerce	4.9
2023-08-30	CVE-2023-34004	Unspecified vulnerability in Woocommerce BOX Office Auth. network low complexity woocommerce	5.4