Exposição de WooCommerce
Ecommerce, WordPress plugins1.807
score de exposição
591.334
sites usam
0
em exploração
158
críticos
CVEs
2.037 resultadosCVE-2023-50853HIGHWordPress Connect Contact Form 7, WooCommerce To Google Sheets & Other Platforms – Advanced Form Integration Plugin <= 1.75.0 is vulnerable to SQL InjectionEPSS 0.5%CVE-2023-5234MEDIUMRelated Products for WooCommerce <= 3.3.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.5%CVE-2023-4216LOWOrders Tracking for WooCommerce < 1.2.6 - Admin+ Arbitrary File Access/ReadEPSS 0.5%CVE-2025-29009CRITICALWordPress Medical Prescription Attachment Plugin for WooCommerce <= 1.2.3 - Arbitrary File Upload VulnerabilityEPSS 0.5%CVE-2024-0445MEDIUMThe Plus Addons for Elementor <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.5%CVE-2025-24596MEDIUMWordPress WooCommerce Product Table Lite plugin <= 3.8.7 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-0609HIGHWP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting <= 1.13.1 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.5%CVE-2022-45070MEDIUMWordPress Conditional Checkout Fields for WooCommerce plugin <= 1.2.3 - Broken Authentication vulnerabilityEPSS 0.5%CVE-2023-50856HIGHWordPress Funnel Builder for WordPress by FunnelKit Plugin <= 2.14.3 is vulnerable to SQL InjectionEPSS 0.5%CVE-2024-32602HIGHWordPress WooCommerce Multilingual & Multicurrency plugin <= 5.3.3.1 - SQL Injection vulnerabilityEPSS 0.5%CVE-2025-14509HIGHLucky Wheel for WooCommerce – Spin a Sale <= 1.1.13 - Authenticated (Administrator+) PHP Code Injection via Conditional TagsEPSS 0.5%CVE-2023-6638MEDIUMGTG Product Feed for Shopping <= 1.2.4 - Missing Authorization to Unauthenticated Plugin Settings UpdateEPSS 0.5%CVE-2023-25026MEDIUMWordPress PayPal Brasil para WooCommerce plugin <= 1.4.2 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2026-27542CRITICALWordPress Woocommerce Wholesale Lead Capture plugin <= 2.0.3.1 - Privilege Escalation vulnerabilityEPSS 0.5%CVE-2023-34382MEDIUMWordPress Dokan Plugin <= 3.7.19 is vulnerable to PHP Object InjectionEPSS 0.5%CVE-2023-51481CRITICALWordPress Local Delivery Drivers for WooCommerce plugin <= 1.9.0 - Unauthenticated Account Takeover vulnerabilityEPSS 0.5%CVE-2024-49658CRITICALWordPress Woocommerce Custom Profile Picture plugin <= 1.0 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-1120MEDIUMNextMove Lite – Thank You Page for WooCommerce & Finale Lite – Sales Countdown Timer & Discount for WooCommerce <= 2.17.0 - Missing Authorization to Unauthenticated System Information DisclosureEPSS 0.5%CVE-2024-1758MEDIUMSuperFaktura WooCommerce <= 1.40.3 - Authenticated (Subscriber+) Blind Server-Side Request ForgeryEPSS 0.5%CVE-2023-27447MEDIUMWordPress WP SMS Plugin <= 6.0.4 is vulnerable to Sensitive Data ExposureEPSS 0.5%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →