Exposure of WooCommerce
Ecommerce, WordPress plugins1,776
exposure score
591,334
sites use
0
exploited
157
critical
CVEs
2,028 resultsCVE-2022-3908MEDIUMHelloprint < 1.4.7 - Reflected Cross-Site ScriptingEPSS 0.9%CVE-2024-10486MEDIUMGoogle for WooCommerce <= 2.8.6 - Information Disclosure via Publicly Accessible PHP Info FileEPSS 0.9%CVE-2021-25062—Orders Tracking for WooCommerce < 1.1.10 - Reflected Cross-Site ScriptingEPSS 0.9%CVE-2021-4331HIGHThe Plus Addons for Elementor PRO <= 4.1.9 & The Plus Addons for Elementor <= 2.0.6 - Authenticated (Contributor+) Privilege EscalationEPSS 0.9%CVE-2024-3957MEDIUMBooster for WooCommerce <= 7.1.8 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.9%CVE-2023-5601CRITICALWooCommerce Ninja Forms Product Add-ons < 1.7.1 - Unauthenticated Arbitrary File UploadEPSS 0.9%CVE-2023-5957HIGHNi Purchase Order(PO) For WooCommerce <= 1.2.1 - Admin+ File Upload to Remote Code ExecutionEPSS 0.9%CVE-2021-25043—WOOCS < 1.3.7.3 - Reflected Cross-Site ScriptingEPSS 0.9%CVE-2021-24928—Rearrange Woocommerce Products < 3.0.8 - Subscriber+ SQL InjectionEPSS 0.9%CVE-2021-38349MEDIUMIntegration of Moneybird for WooCommerce <= 2.1.1 Reflected Cross-Site ScriptingEPSS 0.9%CVE-2021-25077—Store Toolkit for WooCommerce < 2.3.2 - Reflected Cross-Site ScriptingEPSS 0.9%CVE-2022-0399—Advanced Product Labels for WooCommerce < 1.2.3.7 - Reflected Cross-Site ScriptingEPSS 0.9%CVE-2022-4106HIGHWholesale Market for WooCommerce < 1.0.7 - Unauthenticated Arbitrary File DownloadEPSS 0.9%CVE-2024-5335CRITICALUltimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider <= 1.6.4 - Unauthenticated PHP Object InjectionEPSS 0.9%CVE-2024-9756MEDIUMOrder Attachments for WooCommerce 2.0 - 2.4.1 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary File UploadEPSS 0.9%CVE-2022-0818—Coupon Affiliates < 4.16.4.5 - Unauthenticated Stored XSSEPSS 0.9%CVE-2022-34868HIGHWordPress ЮKassa для WooCommerce plugin <= 2.3.0 - Authenticated Arbitrary Settings Update vulnerabilityEPSS 0.9%CVE-2024-4185HIGHCustomer Email Verification for WooCommerce <= 2.7.4 - Email Verification and Authentication Bypass due to Insufficient RandomnessEPSS 0.9%CVE-2023-0948MEDIUMJapanized For WooCommerce < 2.5.8 - Reflected XSSEPSS 0.9%CVE-2026-3891CRITICALPix for WooCommerce <= 1.5.0 - Unauthenticated Arbitrary File UploadEPSS 0.8%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →