Vulmon
woocommerce woocommerce vulnerabilities and exploits
578
VMScore
CVE-2021-24846
The get_query() function of the Ni WooCommerce Custom Order Status WordPress plugin prior to 1.9.7, used by the niwoocos_ajax AJAX action, available to all authenticated users, does not properly sanitise the sort parameter before using it in a SQL statement, leading to an SQL inj...
Ni Woocommerce Custom Order Status Project Ni Woocommerce Custom Order Status
383
VMScore
CVE-2014-4549
Multiple cross-site scripting (XSS) vulnerabilities in pages/3DComplete.php in the WooCommerce SagePay Direct Payment Gateway plugin prior to 0.1.6.7 for WordPress allow remote malicious users to inject arbitrary web script or HTML via the (1) MD or (2) PARes parameter.
Woocommerce Sagepay Direct Payment Gateway Project Woocommerce Sagepay Direct Payment Gateway
NA
CVE-2022-30998
Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress.
Homepage Product Organizer For Woocommerce Project Homepage Product Organizer For Woocommerce
NA
CVE-2023-45072
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kardi Order auto complete for WooCommerce plugin <= 1.2.0 versions.
Order Auto Complete For Woocommerce Project Order Auto Complete For Woocommerce
668
VMScore
CVE-2022-0814
The Ubigeo de Perú para Woocommerce WordPress plugin prior to 3.6.4 does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections
Ubigeo De Peru Para Woocommerce Project Ubigeo De Peru Para Woocommerce
NA
CVE-2023-0865
The WooCommerce Multiple Customer Addresses & Shipping WordPress plugin prior to 21.7 does not ensure that the address to add/update/retrieve/delete and duplicate belong to the user making the request, or is from a high privilege users, allowing any authenticated users, such ...
Woocommerce Multiple Customer Addresses & Shipping Project Woocommerce Multiple Customer Addresses & Shipping
NA
CVE-2022-4329
The Product list Widget for Woocommerce WordPress plugin up to and including 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against both unauthenticated and authenticated users (s...
Product List Widget For Woocommerce Project Product List Widget For Woocommerce
383
VMScore
CVE-2021-42363
The Preview E-Mails for WooCommerce WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the search_order parameter found in the ~/views/form.php file which allows malicious users to inject arbitrary web scripts, in versions up to and including 1.6.8.
Preview E-mails For Woocommerce Project Preview E-mails For Woocommerce
605
VMScore
CVE-2022-0215
The Login/Signup Popup, Waitlist Woocommerce ( Back in stock notifier ), and Side Cart Woocommerce (Ajax) WordPress plugins by XootiX are vulnerable to Cross-Site Request Forgery via the save_settings function found in the ~/includes/xoo-framework/admin/class-xoo-admin-settings.p...
Xootix Login/signup Popup
Xootix Side Cart Woocommerce
Xootix Waitlist Woocommerce
NA
CVE-2019-25152
The Abandoned Cart Lite for WooCommerce and Abandoned Cart Pro for WooCommerce plugins for WordPress are vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 5.1.3 and 7.12.0 respectively, due to insufficient input sanitization and o...
Tychesoftwares Abandoned Cart Lite For Woocommerce
Tychesoftwares Abandoned Cart Pro For Woocommerce