Vulnerabilities in acowebs
11 resultsCVE-2024-1773HIGHPDF Invoices and Packing Slips For WooCommerce <= 1.3.7 - Authenticated (Subscriber+) PHP Object InjectionEPSS 1.0%CVE-2026-4001CRITICALWoocommerce Custom Product Addons Pro <= 5.4.1 - Unauthenticated Remote Code Execution via Custom Pricing FormulaEPSS 0.7%CVE-2026-2296HIGHProduct Addons for Woocommerce – Product Options with Custom Fields <= 3.1.0 - Authenticated (Shop Manager+) Code Injection via Conditional Logic 'operator' ParameterEPSS 0.6%CVE-2024-30230HIGHWordPress PDF Invoices and Packing Slips For WooCommerce plugin <= 1.3.7 - PHP Object Injection vulnerabilityEPSS 0.6%CVE-2025-62008HIGHWordPress Product Table For WooCommerce plugin <= 1.2.4 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2024-53817HIGHWordPress Acowebs Product Labels For Woocommerce plugin <= 1.5.8 - SQL Injection vulnerabilityEPSS 0.4%CVE-2025-47544HIGHWordPress Dynamic Pricing With Discount Rules for WooCommerce plugin <= 4.5.8 - SQL Injection VulnerabilityEPSS 0.4%CVE-2025-47588CRITICALWordPress Dynamic Pricing With Discount Rules for WooCommerce plugin <= 4.5.9 - Arbitrary Code Execution vulnerabilityEPSS 0.4%CVE-2024-24886MEDIUMWordPress Product Labels For Woocommerce Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS)EPSS 0.3%CVE-2025-22638MEDIUMWordPress Product Table For WooCommerce Plugin <= 1.2.3 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-12087MEDIUMWishlist and Save for later for Woocommerce <= 1.1.22 - Insecure Direct Object Reference to Authenticated (Subscriber+) Wishlist Item DeletionEPSS 0.2%