Exposição de WooCommerce
Ecommerce, WordPress plugins1.807
score de exposição
591.334
sites usam
0
em exploração
158
críticos
CVEs
2.037 resultadosCVE-2022-2429MEDIUMUltimate SMS Notifications for WooCommerce <= 1.4.1 - CSV InjectionEPSS 0.7%CVE-2023-51505CRITICALWordPress Active Products Tables for WooCommerce Plugin <= 1.0.6 is vulnerable to PHP Object InjectionEPSS 0.7%CVE-2024-13921HIGHOrder Export & Order Import for WooCommerce <= 2.6.0 - Authenticated (Admin+) PHP Object Injection via form_data ParameterEPSS 0.6%CVE-2020-36711MEDIUMAvada <= 6.2.2 - Authenticated (Contributor+) Cross-Site ScriptingEPSS 0.6%CVE-2021-39347MEDIUMStripe for WooCommerce 3.0.0 - 3.3.9 Missing Authorization Controls to Financial Account HijackingEPSS 0.6%CVE-2024-32807HIGHWordPress Brevo for WooCommerce plugin <= 4.0.17 - Arbitrary File Download and Deletion vulnerabilityEPSS 0.6%CVE-2023-52218CRITICALWordPress WooCommerce Tranzila Gateway Plugin <= 1.0.8 is vulnerable to PHP Object InjectionEPSS 0.6%CVE-2023-51546HIGHWordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.2.1 - Privilege Escalation vulnerabilityEPSS 0.6%CVE-2022-4937MEDIUMThe WCFM Frontend Manager plugin for WordPress is vulnerable to unauthorized modification and access of data in versions up to, and includinEPSS 0.6%CVE-2024-0626MEDIUMWooCommerce Clover Payment Gateway <= 1.3.1 - Missing Authorization via callback_handlerEPSS 0.6%CVE-2025-12000MEDIUMWPFunnels <= 3.6.2 - Authenticated (Administrator+) Arbitrary File Deletion via Path TraversalEPSS 0.6%CVE-2025-32631HIGHWordPress Oxygen MyData for WooCommerce plugin <= 1.0.64 - Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2024-8393MEDIUMWoocommerce Blocks – Woolook <= 1.7.0 - Authenticated (Admin+) Local File InclusionEPSS 0.6%CVE-2023-3525HIGHThe Getnet Argentina para Woocommerce plugin for WordPress is vulnerable to authorization bypass due to missing validation on the 'webhook' EPSS 0.6%CVE-2023-0061MEDIUMJudge.me Product Reviews for WooCommerce < 1.3.21 - Contributor+ Stored XSSEPSS 0.6%CVE-2024-9944MEDIUMWooCommerce <= 9.0.2 - Unauthenticated HTML InjectionEPSS 0.6%CVE-2025-2266CRITICALCheckout Mestres do WP for WooCommerce 8.6.5 - 8.7.5 - Unauthenticated Arbitrary Options UpdateEPSS 0.6%CVE-2022-45066MEDIUMWordPress WooSwipe WooCommerce Gallery plugin <= 2.0.1 - Auth. Broken Access Control vulnerabilityEPSS 0.6%CVE-2024-25925CRITICALWordPress WooCommerce Easy Checkout Field Editor, Fees & Discounts Plugin <= 3.5.12 is vulnerable to Arbitrary File UploadEPSS 0.6%CVE-2024-43138MEDIUMWordPress Event Manager and Tickets Selling Plugin for WooCommerce plugin <= 4.2.1 - Local File Inclusion vulnerabilityEPSS 0.6%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →