WooCommerce Exposure

Ecommerce, WordPress plugins

Exposure score: 1776
Sites using it: 591,334
Under exploitation: 0
Critical: 157

CVEs

2028 results
| CVE | Severity | Title | EPSS |
|---|---|---|---|
| CVE-2024-27971 | HIGH | WordPress Premmerce Permalink Manager for WooCommerce plugin <= 2.3.10 - Local File Inclusion vulnerability | 1.5% |
| CVE-2024-11281 | CRITICAL | WooCommerce Point of Sale <= 6.1.0 - Insecure Direct Object Reference to Privilege Escalation via Arbitrary User Email Change | 1.5% |
| CVE-2024-10828 | HIGH | Advanced Order Export For WooCommerce <= 3.5.5 - Unauthenticated PHP Object Injection via Order Details | 1.4% |
| CVE-2024-54262 | CRITICAL | WordPress Import Export For WooCommerce plugin <= 1.6.2 - Arbitrary File Upload vulnerability | 1.4% |
| CVE-2025-2941 | CRITICAL | Drag and Drop Multiple File Upload for WooCommerce <= 1.1.4 - Unauthenticated Arbitrary File Move | 1.4% |
| CVE-2024-3962 | CRITICAL | Product Addons & Fields for WooCommerce <= 32.0.18 - Unauthenticated Arbitrary File Upload via ppom_upload_file | 1.4% |
| CVE-2019-25152 | HIGH | Abandoned Cart Lite for WooCommerce < 5.2.0 and Abandoned Cart Pro for WooCommerce < 7.13.0 - Stored Cross-Site Scripting | 1.4% |
| CVE-2020-36731 | HIGH | Flexible Checkout Fields for WooCommerce <= 2.3.1 - Unauthenticated Arbitrary Plugin Settings Update | 1.3% |
| CVE-2021-24190 | | WooCommerce Conditional Marketing Mailer < 1.5.2 - Arbitrary Plugin Installation/Activation via Low Privilege User | 1.3% |
| CVE-2021-24846 | | Ni WooCommerce Custom Order Status < 1.9.7 - Subscriber+ SQL Injection | 1.3% |
| CVE-2022-1933 | | CDI < 5.1.9 - Reflected Cross-Site-Scripting | 1.3% |
| CVE-2021-24952 | | Conversios.io < 4.6.2 - Subscriber+ SQL Injection | 1.3% |
| CVE-2024-50509 | HIGH | WordPress Woocommerce Product Design plugin <= 1.0.0 - Arbitrary File Deletion vulnerability | 1.3% |
| CVE-2021-24835 | | WCFM - Frontend Manager for WooCommerce < 6.5.12 - Customer/Subscriber+ SQL Injection | 1.3% |
| CVE-2021-4337 | HIGH | Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization | 1.3% |
| CVE-2024-1205 | HIGH | Management App for WooCommerce – Order notifications, Order management, Lead management, Uptime Monitoring <= 1.2.2 - Authenticated (Subscriber+) Arbitrary File Upload | 1.3% |
| CVE-2024-1986 | HIGH | Elite Booster for WooCommerce <= 7.1.7 - Authenticated (Subscriber+) Arbitrary File Upload | 1.3% |
| CVE-2021-25068 | | Sync WooCommerce Product feed to Google Shopping <= 1.2.4 - Admin+ SQLi | 1.3% |
| CVE-2021-32790 | MEDIUM | Blind SQL Injection possible via Authenticated Web-hook Search API Endpoint | 1.3% |
| CVE-2024-8289 | CRITICAL | MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution <= 4.2.0 - Missing Authorization to Limited Vendor Privilege Escalation/Account Takeover | 1.3% |
