Exposição de WooCommerce
Ecommerce, WordPress plugins1.807
score de exposição
591.334
sites usam
0
em exploração
158
críticos
CVEs
2.037 resultadosCVE-2024-13792HIGHWooCommerce Food - Restaurant Menu & Food ordering <= 3.3.2 - Unauthenticated Arbitrary Shortcode Execution via idsEPSS 0.5%CVE-2024-13797HIGHPressMart - Modern Elementor WooCommerce WordPress Theme <= 1.2.16 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.5%CVE-2024-32511CRITICALWordPress Simple Registration for WooCommerce plugin <= 1.5.6 - Unauthenticated Privilege Escalation vulnerabilityEPSS 0.5%CVE-2024-24796HIGHWordPress Event Manager for WooCommerce Plugin <= 4.1.1 is vulnerable to PHP Object InjectionEPSS 0.5%CVE-2024-38702MEDIUMWordPress Product Delivery Date for WooCommerce – Lite plugin <= 2.7.2 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2026-3208MEDIUMMercado Pago payments for WooCommerce <= 8.7.11 - Missing Authorization to Unauthenticated PIX Payment QR Code Image DisclosureEPSS 0.5%CVE-2025-39557CRITICALWordPress Kadence WooCommerce Email Designer plugin <= 1.5.14 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2022-3537HIGHRole Based Pricing for WooCommerce < 1.6.2 - Subscriber+ Arbitrary File UploadEPSS 0.5%CVE-2024-38772MEDIUMWordPress JetWidgets for Elementor and WooCommerce plugin <= 1.1.7 - Contributor+ Limited Local File Inclusion vulnerabilityEPSS 0.5%CVE-2026-2421MEDIUMilGhera Carta Docente for WooCommerce <= 1.5.0 - Authenticated (Administrator+) Path Traversal to Arbitrary File Deletion via 'cert' ParameterEPSS 0.5%CVE-2024-52379CRITICALWordPress kineticPay for WooCommerce plugin <= 2.0.8 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-50494CRITICALWordPress Sudan Payment Gateway for WooCommerce plugin <= 1.2.2 - Arbitrary File Upload vulnerabilityEPSS 0.5%CVE-2024-39651HIGHWordPress WooCommerce PDF Vouchers plugin < 4.9.5 - Unauthenticated Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2025-24594MEDIUMWordPress Linet ERP-Woocommerce Integration plugin <= 3.5.7 - CSRF to Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-11725HIGHSMS Alert Order Notifications – WooCommerce <= 3.7.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options UpdateEPSS 0.5%CVE-2024-50416HIGHWordPress WPC Shop as a Customer for WooCommerce plugin <= 1.2.6 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2025-22782CRITICALWordPress WR Price List Manager For Woocommerce plugin <= 1.0.8 - Remote Code Execution (RCE) vulnerabilityEPSS 0.5%CVE-2023-35049HIGHWordPress WooCommerce Stripe Payment Gateway plugin <= 7.4.0 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-10519MEDIUMWishlist for WooCommerce: Multi Wishlists Per Customer PRO 3.0.8 - 3.1.2 - Reflected Cross-Site Scripting via wtab ParameterEPSS 0.5%CVE-2024-4038MEDIUMBack In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro <= 5.3.1 - Unauthenticated Arbitrary Shortcode ExecutionEPSS 0.5%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →