Exposición de WooCommerce
Ecommerce, WordPress plugins1807
score de exposición
591.334
sitios usan
0
en explotación
158
críticos
CVEs
2037 resultadosCVE-2024-22135HIGHWordPress Order Export & Order Import for WooCommerce Plugin <= 2.4.3 is vulnerable to Arbitrary File UploadEPSS 0.5%CVE-2024-56230HIGHWordPress Dynamic Product Category Grid, Slider for WooCommerce plugin <= 1.1.3 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-10114HIGHSocial Login - WordPress / WooCommerce Plugin <= 2.7.7 - Authentication Bypass via WordPress.com OAuth providerEPSS 0.5%CVE-2025-30791HIGHWordPress Cart tracking for WooCommerce plugin <= 1.0.16 - SQL Injection VulnerabilityEPSS 0.5%CVE-2025-0956HIGHWooCommerce Recover Abandoned Cart <= 24.4.0 - Unauthenticated PHP Object InjectionEPSS 0.5%CVE-2023-34376MEDIUMWordPress Change WooCommerce Add To Cart Button Text plugin <= 1.3 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-1960MEDIUMShopLentor <= 2.8.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via Banner LinkEPSS 0.5%CVE-2023-49194MEDIUMWordPress Importify (Dropshipping WooCommerce) plugin <= 1.0.4 - Sensitive Data Exposure vulnerabilityEPSS 0.5%CVE-2024-23512HIGHWordPress ProductX – Gutenberg WooCommerce Blocks Plugin <= 3.1.4 is vulnerable to PHP Object InjectionEPSS 0.5%CVE-2025-28945HIGHWordPress Valen - Sport, Fashion WooCommerce WordPress Theme <= 2.4 - Local File Inclusion VulnerabilityEPSS 0.5%CVE-2023-25999HIGHWordPress BodyCenter - Gym, Fitness WooCommerce WordPress Theme <= 2.4 - Local File Inclusion VulnerabilityEPSS 0.5%CVE-2024-9111MEDIUMProduct Designer <= 1.0.36 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File UploadEPSS 0.5%CVE-2024-6636CRITICALWooCommerce - Social Login <= 2.7.3 - Missing Authorization to Unauthenticated Privilege EscalationEPSS 0.5%CVE-2023-50831MEDIUMWordPress CURCY Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)EPSS 0.5%CVE-2024-2343MEDIUMAvada <= 7.11.6 - Authenticated (Contributor+) Server-Side Request Forgery via form_to_url_actionEPSS 0.5%CVE-2024-1119MEDIUMOrder Tip for WooCommerce <= 1.3.1 - Missing Authorization to Unauthenticated Data ExportEPSS 0.5%CVE-2024-10729HIGHBooking & Appointment Plugin for WooCommerce <= 6.9.0 - Authenticated (Subscriber+) Arbitrary Option UpdateEPSS 0.5%CVE-2023-0479MEDIUMPrint Invoice & Delivery Notes for WooCommerce < 4.7.2 - Reflected XSS EPSS 0.5%CVE-2021-25018—PPOM for WooCommerce < 24.0 - Subscriber+ Settings Update to Stored XSSEPSS 0.5%CVE-2026-49060CRITICALWordPress Hippoo Mobile App for WooCommerce plugin <= 1.9.4 - Privilege Escalation vulnerabilityEPSS 0.5%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →