Exposición de WooCommerce
Ecommerce, WordPress plugins1807
score de exposición
591.334
sitios usan
0
en explotación
158
críticos
CVEs
2037 resultadosCVE-2024-3869MEDIUMCustomer Reviews for WooCommerce <= 5.46.0 - Missing Authorization to Authenticated (Subscriber+) Coupon SearchEPSS 0.5%CVE-2024-9927HIGHWooCommerce Order Proposal <= 2.0.5 - Authenticated (Shop Manager+) Privilege Escalation via Order ProposalEPSS 0.5%CVE-2023-41803MEDIUMWordPress BitPay Checkout for WooCommerce plugin <= 4.1.0 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-2868MEDIUMShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) <= 2.8.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via WL Universal Product LayoutEPSS 0.5%CVE-2026-54807CRITICALWordPress Registration Form for WooCommerce plugin <= 1.0.9 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2025-7359HIGHCounter live visitors for WooCommerce <= 1.3.6 - Unauthenticated Arbitrary File Deletion in wcvisitor_get_blockEPSS 0.4%CVE-2025-30825HIGHWordPress WPC Smart Linked Products plugin <= 1.3.5 - Privilege Escalation vulnerabilityEPSS 0.4%CVE-2025-47461HIGHWordPress Subaccounts for WooCommerce plugin <= 1.6.6 - Account Takeover vulnerabilityEPSS 0.4%CVE-2025-53281HIGHWordPress WPB Category Slider for WooCommerce plugin <= 1.71 - Local File Inclusion VulnerabilityEPSS 0.4%CVE-2024-3197MEDIUMThe Plus Addons for Elementor <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom AttributesEPSS 0.4%CVE-2023-32747MEDIUMWordPress WooCommerce Bookings Plugin <= 1.15.78 is vulnerable to Insecure Direct Object References (IDOR)EPSS 0.4%CVE-2025-30807CRITICALWordPress Next-Cart Store to WooCommerce Migration plugin <= 3.9.4 - SQL Injection vulnerabilityEPSS 0.4%CVE-2024-13528HIGHCustomer Email Verification for WooCommerce <= 2.9.5 - Authentication Bypass via ShortcodeEPSS 0.4%CVE-2023-41671MEDIUMWordPress Abandoned Cart Lite for WooCommerce plugin <= 5.16.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.4%CVE-2025-10679HIGHReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More <= 2.2.12 - Unauthenticated Limited Remote Code ExecutionEPSS 0.4%CVE-2024-38747HIGHWordPress HitPay Payment Gateway for WooCommerce plugin <= 4.1.3 - Sensitive Data Exposure via Log File vulnerabilityEPSS 0.4%CVE-2026-39499HIGHWordPress Advanced Product Fields (Product Addons) for WooCommerce plugin <= 1.6.19 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2026-39472HIGHWordPress WooCommerce PDF Invoices & Packing Slips plugin < 5.9.0 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2024-9635MEDIUMCheckout with Cash App on WooCommerce <= 6.0.2 - Reflected Cross-Site ScriptingEPSS 0.4%CVE-2024-30469MEDIUMWordPress Wholesale For WooCommerce plugin <= 2.3.0 - Unauthenticated Sensitive Data Exposure vulnerabilityEPSS 0.4%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →