Exposición de WooCommerce

Ecommerce, WordPress plugins

1776

score de exposición

591.334

sitios usan

0

en explotación

157

críticos

CVEs

2028 resultados

CVE-2022-0948—Order Listener for WooCommerce < 3.2.2 - Unauthenticated SQLiEPSS 9.8%CVE-2023-47681MEDIUMWordPress WooCommerce Checkout Manager plugin <= 7.3.0 - Broken Access Control vulnerabilityEPSS 9.2%CVE-2022-0814—Ubigeo de Peru < 3.6.4 - Unauthenticated SQLiEPSS 8.9%CVE-2021-24849—WCFM - WooCommerce Multivendor Marketplace < 3.4.12 - Unauthenticated SQL InjectionEPSS 8.5%CVE-2021-24212—WooCommerce Help Scout < 2.9.1 - Unauthenticated Arbitrary File Upload leading to RCEEPSS 7.9%CVE-2022-0783—Multiple Shipping Address Woocommerce < 2.0 - Unauthenticated SQLiEPSS 6.7%CVE-2022-1057—Pricing Deals for WooCommerce <= 2.0.2.02 - Unauthenticated SQLiEPSS 6.7%CVE-2022-4047CRITICALReturn Refund and Exchange For WooCommerce < 4.0.9 - Unauthenticated Arbitrary File UploadEPSS 6.2%CVE-2025-47577CRITICALWordPress TI WooCommerce Wishlist plugin <= 2.9.2 - Arbitrary File Upload VulnerabilityEPSS 4.9%CVE-2022-4328CRITICALWooCommerce Checkout Field Manager < 18.0 - Unauthenticated Arbitrary File UploadEPSS 4.4%CVE-2024-8425CRITICALWooCommerce Ultimate Gift Card <= 2.9.2 - Unauthenticated Arbitrary File UploadEPSS 3.9%CVE-2022-3481CRITICALWooCommerce Dropshipping < 4.4 - Unauthenticated SQLiEPSS 3.7%CVE-2025-10162HIGHOrderConvo < 14 - Unauthenticated Arbitrary File ReadEPSS 3.7%CVE-2019-1010124—WebAppick WooCommerce Product Feed 2.2.18 and earlier is affected by: Cross Site Scripting (XSS). The impact is: XSS to RCE via editing themEPSS 3.2%CVE-2025-13773CRITICALPrint Invoice & Delivery Notes for WooCommerce <= 5.8.0 - Unauthenticated Remote Code ExecutionEPSS 3.2%CVE-2025-1562CRITICALRecover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit <= 3.5.3 - Missing Authorization to Unauthenticated Arbitrary Plugin InstallationEPSS 2.9%CVE-2024-0399HIGHWooCommerce Customers Manager < 29.7 - Subscriber+ SQL InjectionEPSS 2.9%CVE-2026-10580CRITICALHippoo Mobile App for WooCommerce <= 1.9.4 - Unauthenticated Authentication Bypass to Administrator Account Takeover via REST APIEPSS 2.8%CVE-2024-0705CRITICALStripe Payment Plugin for WooCommerce <= 3.7.9 - Unauthenticated SQL InjectionEPSS 2.7%CVE-2023-2744—WP ERP < 1.12.4 - Admin+ SQL InjectionEPSS 2.6%

← anteriorpágina 2 / 102siguiente →

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →