Exposición de WooCommerce
Ecommerce, WordPress plugins1807
score de exposición
591.334
sitios usan
0
en explotación
158
críticos
CVEs
2037 resultadosCVE-2021-34636HIGHCountdown and CountUp, WooCommerce Sales Timer <= 1.5.7 Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.6%CVE-2023-6090CRITICALWordPress Mollie Payments for WooCommerce Plugin <= 7.3.11 is vulnerable to Arbitrary File UploadEPSS 0.6%CVE-2024-30231CRITICALWordPress Product Import Export for WooCommerce plugin <= 2.4.1 - Arbitrary File Upload vulnerabilityEPSS 0.6%CVE-2024-13744HIGHBooster for WooCommerce 4.0.1 - 7.2.4 - Unauthenticated Arbitrary File UploadEPSS 0.6%CVE-2023-52224MEDIUMWordPress Revolut Gateway for WooCommerce plugin <= 4.9.7 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2025-13156HIGHVitepos – Point of Sale (POS) for WooCommerce <= 3.3.0 - Authenticated (Subscriber+) Arbitrary File Upload to Remote Code ExecutionEPSS 0.6%CVE-2025-4200HIGHZagg - Electronics & Accessories WooCommerce WordPress Theme <= 1.4.1 - Unauthenticated Local File InclusionEPSS 0.6%CVE-2023-51502HIGHWordPress WooCommerce Stripe Payment Gateway Plugin <= 7.6.1 is vulnerable to Insecure Direct Object References (IDOR)EPSS 0.6%CVE-2022-45377MEDIUMWordPress Drag and Drop Multiple File Upload for WooCommerce Plugin <= 1.0.8 is vulnerable to Multiple VulnerabilitiesEPSS 0.6%CVE-2026-2296HIGHProduct Addons for Woocommerce – Product Options with Custom Fields <= 3.1.0 - Authenticated (Shop Manager+) Code Injection via Conditional Logic 'operator' ParameterEPSS 0.6%CVE-2024-2203MEDIUMThe Plus Addons for Elementor <= 5.4.1 - Authenticated (Contributor+) Local File Inclusion via Clients WidgetEPSS 0.6%CVE-2023-48333MEDIUMWordPress Booster for WooCommerce Plugin <= 7.1.1 is vulnerable to Sensitive Data ExposureEPSS 0.6%CVE-2024-12402CRITICALThemes Coder – Create Android & iOS Apps For Your Woocommerce Site <= 1.3.4 - Insecure Direct Object Reference to Password Change/Account Takeover/Privilege EscalationEPSS 0.6%CVE-2023-3365HIGHMultiParcels Shipping For WooCommerce < 1.14.14 - Subscriber+ Arbitrary Shipment DeletionEPSS 0.6%CVE-2024-0976MEDIUMWP Event Manager <= 3.1.41 - Reflected Cross-Site Scripting via pluginEPSS 0.6%CVE-2024-10792MEDIUMEasiest Funnel Builder For WordPress & WooCommerce by WPFunnels <= 3.5.5 - Reflected Cross-Site ScriptingEPSS 0.6%CVE-2022-41655MEDIUMWordPress Phone Orders for WooCommerce plugin <= 3.7.1 - Auth. Sensitive Data Exposure vulnerabilityEPSS 0.6%CVE-2022-0397—WPC Smart Wishlist for WooCommerce < 2.9.4 - Reflected Cross-Site ScriptingEPSS 0.6%CVE-2024-33628HIGHWordPress XforWooCommerce plugin <= 2.0.2 - Authenticated Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-35658HIGHWordPress Checkout Field Editor for WooCommerce (Pro) plugin <= 3.6.2 - Unauthenticated Arbitrary File Deletion vulnerabilityEPSS 0.6%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →