Exposure of WooCommerce
Ecommerce, WordPress plugins1,776
exposure score
591,334
sites use
0
exploited
157
critical
CVEs
2,028 resultsCVE-2021-4208—ExportFeed <= 2.0.1.0 - Admin+ SQL InjectionEPSS 1.3%CVE-2023-34000HIGHWordPress WooCommerce Stripe Payment Gateway Plugin <= 7.4.0 is vulnerable to Insecure Direct Object References (IDOR)EPSS 1.2%CVE-2023-0942MEDIUMJapanized For WooCommerce <= 2.5.4 - Reflected Cross-Site ScriptingEPSS 1.2%CVE-2024-6365CRITICALProduct Table by WBW <= 2.0.1 - Unauthenticated Remote Code ExecutionEPSS 1.2%CVE-2019-25150HIGHEmail Templates <= 1.3 - HTML InjectionEPSS 1.2%CVE-2023-0865—WooCommerce Multiple Customer Addresses & Shipping < 21.7 - Arbitrary Address Creation/Deletion/Access/Update via IDOREPSS 1.2%CVE-2022-23982MEDIUMWordPress Perfect Brands for WooCommerce plugin <= 2.0.4 - Server Information Exposure vulnerabilityEPSS 1.2%CVE-2022-0989—NS WooCommerce Watermark <= 2.11.3 - Abuse of FunctionalityEPSS 1.2%CVE-2021-24991—WooCommerce PDF Invoices & Packing Slips < 2.10.5 - Reflected Cross-Site ScriptingEPSS 1.2%CVE-2022-28666MEDIUMWordPress Custom Product Tabs for WooCommerce plugin <= 1.7.7 - Broken Access Control vulnerabilityEPSS 1.2%CVE-2023-2781HIGHUser Email Verification for WooCommerce <= 3.5.0 - Authentication BypassEPSS 1.2%CVE-2024-10820CRITICALWooCommerce Upload Files <= 84.3 - Unauthenticated Arbitrary File UploadEPSS 1.2%CVE-2024-1468HIGHAvada | Website Builder For WordPress & WooCommerce <= 7.11.4 - Authenticated (Contributor+) Arbitrary File UploadEPSS 1.2%CVE-2024-9821HIGHBot for Telegram on WooCommerce <= 1.2.7 - Authenticated (Subscriber+) Telegram Bot Token Disclosure to Authentication BypassEPSS 1.2%CVE-2024-0683HIGHBulgarisation for WooCommerce <= 3.0.14 - Missing AuthorizationEPSS 1.2%CVE-2024-1950HIGHProduct Carousel Slider & Grid Ultimate for WooCommerce <= 1.9.7 - Authenticated(Contributor+) PHP Object InjectionEPSS 1.2%CVE-2022-3335HIGHKadence WooCommerce Email Designer < 1.5.7 - Admin+ PHP Objection InjectionEPSS 1.1%CVE-2025-4603CRITICALeMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File DeletionEPSS 1.1%CVE-2020-36725HIGHTI WooCommerce Wishlist <= 1.21.11 and TI WooCommerce Wishlist Pro <= 1.21.4 - Arbitrary Options UpdateEPSS 1.1%CVE-2023-6979HIGHCustomer Reviews for WooCommerce <= 5.38.9 - Authenticated (Author+) Arbitrary File UploadEPSS 1.1%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →