Exposición de WooCommerce
Ecommerce, WordPress plugins1807
score de exposición
591.334
sitios usan
0
en explotación
158
críticos
CVEs
2037 resultadosCVE-2024-12416HIGHWoomotiv <= 3.6.1 - Unauthenticated SQL InjectionEPSS 0.4%CVE-2024-12812HIGHWP ERP < 1.13.4 - Custom+ Unauthorized Access to Terminated Employee InformationEPSS 0.4%CVE-2024-3216MEDIUMWooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.4.2 - Missing Authorization to Unauthenticated Settings ResetEPSS 0.4%CVE-2024-13341MEDIUMMultiLoca - WooCommerce Multi Locations Inventory Management <= 4.1.11 - Authenticated (Subscriber+) SQL InjectionEPSS 0.4%CVE-2023-4960MEDIUMWCFM Marketplace <= 3.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.4%CVE-2024-9356MEDIUMYotpo: Product & Photo Reviews for WooCommerce <= 1.7.9 - Reflected Cross-Site ScriptingEPSS 0.4%CVE-2024-1436MEDIUMWordPress WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit Plugin <= 1.0.9 is vulnerable to Sensitive Data ExposureEPSS 0.4%CVE-2024-32513MEDIUMWordPress Product Feed PRO for WooCommerce plugin <= 13.3.1 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2025-4387HIGHAbandoned Cart Pro for WooCommerce <= 9.16.0 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.4%CVE-2024-31297HIGHWordPress Wholesale For WooCommerce plugin <= 2.3.1 - Unauthenticated Arbitrary Post/Page vulnerabilityEPSS 0.4%CVE-2024-43943HIGHWordPress Greenshift Woocommerce Addon plugin < 1.9.8 - Subscriber+ SQL Injection vulnerabilityEPSS 0.4%CVE-2024-39650HIGHWordPress WooCommerce PDF Vouchers plugin < 4.9.5 - Unauthenticated Multiple VulnerabilitiesEPSS 0.4%CVE-2024-10640HIGHThe FOX – Currency Switcher Professional for WooCommerce <= 1.4.2.2 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.4%CVE-2024-33956MEDIUMWordPress Custom WooCommerce Checkout Fields Editor plugin <= 1.3.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-1690MEDIUMTeraWallet – Best WooCommerce Wallet System With Cashback Rewards, Partial Payment, Wallet Refunds <= 1.4.10 - Missing Authorization to Authenticated (Subscriber+) User Email ExportEPSS 0.4%CVE-2025-11691HIGHPPOM – Product Addons & Custom Fields for WooCommerce <= 33.0.15 - Unauthenticated SQL InjectionEPSS 0.4%CVE-2025-8898CRITICALTaxi Booking Manager for Woocommerce | E-cab <= 1.3.0 - Missing Authorization to Unauthenticated Privilege Escalation via Account TakeoverEPSS 0.4%CVE-2024-32675MEDIUMWordPress Order Limit for WooCommerce plugin <= 2.0.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-13638MEDIUMOrder Attachments for WooCommerce <= 2.5.1 - Unauthenticated Sensitive Information Exposure Through Unprotected DirectoryEPSS 0.4%CVE-2023-47697HIGHWordPress WP Event Manager Plugin <= 3.1.39 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →