Exposición de WooCommerce
Ecommerce, WordPress plugins1807
score de exposición
591.334
sitios usan
0
en explotación
158
críticos
CVEs
2037 resultadosCVE-2025-1911LOWProduct Import Export for WooCommerce <= 2.5.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Deletion via admin_log_page FunctionEPSS 0.4%CVE-2025-47588CRITICALWordPress Dynamic Pricing With Discount Rules for WooCommerce plugin <= 4.5.9 - Arbitrary Code Execution vulnerabilityEPSS 0.4%CVE-2023-49827HIGHWordPress Soledad Theme <= 8.4.1 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2025-68013MEDIUMWordPress Payment Gateway Authorize.Net CIM for WooCommerce plugin <= 2.1.2 - Arbitrary Content Deletion vulnerabilityEPSS 0.4%CVE-2022-47589MEDIUMWordPress CTT Expresso para WooCommerce Plugin <= 3.2.11 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2022-47173MEDIUMWordPress Connect Contact Form 7, WooCommerce To Google Sheets & Other Platforms – Advanced Form Integration Plugin <= 1.62.0 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2024-0201MEDIUMProduct Expiry for WooCommerce <= 2.5 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings UpdateEPSS 0.4%CVE-2022-43463MEDIUMWordPress Custom Product Tabs for WooCommerce plugin <= 1.7.9 - Auth. Stored Cross-Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2025-47538HIGHWordPress Cart tracking for WooCommerce plugin <= 1.0.17 - SQL Injection VulnerabilityEPSS 0.4%CVE-2025-47544HIGHWordPress Dynamic Pricing With Discount Rules for WooCommerce plugin <= 4.5.8 - SQL Injection VulnerabilityEPSS 0.4%CVE-2026-3985HIGHCreative Mail – Easier WordPress & WooCommerce Email Marketing <= 1.6.9 - Unauthenticated SQL Injection via 'checkout_uuid' ParameterEPSS 0.4%CVE-2024-4632MEDIUMWooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce <= 2.0.7 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-9156MEDIUMTI WooCommerce Wishlist <= 2.8.2 - Unauthenticated SQL Injection via lang parametersEPSS 0.4%CVE-2025-31757MEDIUMWordPress Free Woocommerce Product Table View plugin <= 1.78 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-31802MEDIUMWordPress Shiptimize for WooCommerce plugin <= 3.1.86 - Settings Change vulnerabilityEPSS 0.4%CVE-2024-10535MEDIUMVideo Gallery for WooCommerce <= 1.31 - Missing Authorization to Unauthenticated Limited File DeletionEPSS 0.4%CVE-2025-14070HIGHReviewify <= 1.0.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary WooCommerce Coupon CreationEPSS 0.4%CVE-2023-47755MEDIUMWordPress WooCommerce Product Carousel Slider Plugin <= 3.3.5 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2025-5062MEDIUMWooCommerce <= 9.4.2 - PostMessage-Based Cross-Site ScriptingEPSS 0.4%CVE-2024-13343HIGHWooCommerce Customers Manager <= 31.3 - Missing Authorization to Authenticated (Subscriber+) Privilege EscalationEPSS 0.4%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →