Vulnerabilidades en WooCommerce
50 resultadosCVE-2023-32747MEDIUMWordPress WooCommerce Bookings Plugin <= 1.15.78 is vulnerable to Insecure Direct Object References (IDOR)EPSS 0.4%CVE-2023-34004MEDIUMWordPress WooCommerce Box Office Plugin <= 1.1.50 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2023-35918HIGHWordPress WooCommerce Bulk Stock Management Plugin <= 2.2.33 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2026-9284HIGHWooCommerce PayPal Payments <= 4.0.1 - Missing Authorization to Unauthenticated Order Manipulation and Information DisclosureEPSS 0.4%CVE-2023-32802HIGHWordPress WooCommerce Pre-Orders Plugin <= 1.9.0 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2023-32801HIGHWordPress WooCommerce Composite Products Plugin <= 8.7.5 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2023-51499MEDIUMWordPress WooCommerce Shipping Per Product plugin <= 2.5.4 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2017-20193MEDIUMProduct Vendors <= 2.0.35 - Reflected Cross Site ScriptingEPSS 0.4%CVE-2023-33332HIGHWordPress WooCommerce Product Vendors Plugin <= 2.1.76 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2023-33319HIGHWordPress WooCommerce Follow-Up Emails Plugin <= 4.9.40 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2023-33317HIGHWordPress WooCommerce Warranty Requests Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2023-32793MEDIUMWordPress WooCommerce Pre-Orders Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2023-32746MEDIUMWordPress WooCommerce Brands Plugin <= 1.6.45 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2023-37873HIGHWordPress WooCommerce Ship to Multiple Addresses Plugin <= 3.8.5 is vulnerable to Cross Site Scripting (XSS)EPSS 0.3%CVE-2023-32744MEDIUMWordPress WooCommerce Product Recommendations Plugin < 2.3.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-32745MEDIUMWordPress AutomateWoo Plugin <= 5.7.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-32794MEDIUMWordPress WooCommerce Product Add-ons Plugin <= 6.1.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-35917MEDIUMWordPress WooCommerce PayPal Payments Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2026-2381MEDIUMWooCommerce Stripe Payment Gateway <= 10.7.0 - Missing Authorization to Unauthenticated Order Status Manipulation via 'order' ParameterEPSS 0.3%CVE-2026-1710MEDIUMWooPayments <= 10.5.1 - Missing Authorization to Unauthenticated Plugin Settings Update via save_upe_appearance_ajaxEPSS 0.3%