Exposición de WooCommerce
Ecommerce, WordPress plugins1807
score de exposición
591.334
sitios usan
0
en explotación
158
críticos
CVEs
2037 resultadosCVE-2024-37520MEDIUMWordPress ShopBuilder – Elementor WooCommerce Builder Addons plugin <= 2.1.12 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-1088MEDIUMPassword Protected Store for WooCommerce <= 2.2 - Information Exposure via REST APIEPSS 0.6%CVE-2024-4552CRITICALSocial Login Lite For WooCommerce <= 1.6.0 - Authentication BypassEPSS 0.6%CVE-2024-32087HIGHWordPress Product Feed on WooCommerce for Google, Awin, Shareasale, Bing, and More plugin <= 3.5.7 - Auth. SQL Injection (SQLi) vulnerabilityEPSS 0.6%CVE-2024-13538MEDIUMBigBuy Dropshipping Connector for WooCommerce <= 2.0.0 - Unauthenticated Full Path DisclosuteEPSS 0.6%CVE-2023-0062MEDIUMEAN for WooCommerce < 4.4.3 - Contributor+ Stored XSSEPSS 0.6%CVE-2025-7654HIGHMultiple Plugins By FunnelKit <= (Various Versions) - Authenticated (Contributor+) Sensitive Information Exposure to Privilege Escalation via Woofunnel LibraryEPSS 0.6%CVE-2024-3045HIGHPDF Invoices & Packing Slips for WooCommerce <= 3.8.0 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.6%CVE-2023-26525HIGHWordPress Dokan Plugin <= 3.7.12 is vulnerable to SQL InjectionEPSS 0.6%CVE-2026-5957MEDIUMEmailKit <= 1.6.5 - Authenticated (Author+) Arbitrary File Read via 'emailkit-editor-template' REST ParameterEPSS 0.6%CVE-2023-4703HIGHAll in One B2B for WooCommerce <= 1.0.3 - Unauthenticated Privilege EscalationEPSS 0.6%CVE-2024-10813MEDIUMProduct Table for WooCommerce by CodeAstrology (wooproducttable.com) <= 3.5.1 - Information ExposureEPSS 0.6%CVE-2023-49826HIGHWordPress Soledad Theme <= 8.4.1 is vulnerable to PHP Object InjectionEPSS 0.6%CVE-2024-1795HIGHHUSKY – Products Filter for WooCommerce Professional <= 1.3.5.2 - Authenticated (Contributor+) SQL InjectionEPSS 0.6%CVE-2022-1469—FiboSearch < 1.18.0 - Admin+ Stored Cross-Site ScriptingEPSS 0.6%CVE-2022-2267—MailChimp for Woocommerce < 2.7.1 - Subscriber+ SSRFEPSS 0.6%CVE-2024-3608MEDIUMProduct Designer <= 1.0.33 - Missing Authorization to Unauthenticated Arbitrary Attachment DeletionEPSS 0.6%CVE-2024-1807MEDIUMProduct Sort and Display for WooCommerce <= 2.4.1 - Missing AuthorizationEPSS 0.6%CVE-2024-1047MEDIUMThemeIsle SDK <= Various Versions - Missing AuthorizationEPSS 0.6%CVE-2023-2450MEDIUMThe FiboSearch - AJAX Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versionEPSS 0.6%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →