Exposição de WooCommerce
Ecommerce, WordPress plugins1.807
score de exposição
591.334
sites usam
0
em exploração
158
críticos
CVEs
2.037 resultadosCVE-2023-2275MEDIUMWooCommerce Multivendor Marketplace – REST API <= 1.5.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Order/Order Note Disclosure, Order Note Addition via REST APIEPSS 0.5%CVE-2025-26535CRITICALWordPress Bitcoin / AltCoin Payment Gateway for WooCommerce & Multivendor store / shop plugin <= 1.7.6 - SQL Injection vulnerabilityEPSS 0.5%CVE-2026-24372HIGHWordPress Subscriptions for WooCommerce plugin <= 1.8.10 - Bypass Vulnerability vulnerabilityEPSS 0.5%CVE-2024-12395MEDIUMWooCommerce Additional Fees On Checkout (Free) <= 1.4.7 - Reflected Cross-Site Scripting via 'number'EPSS 0.5%CVE-2025-30618CRITICALWordPress Rapyd Payment Extension for WooCommerce plugin <= 1.2.0 - PHP Object Injection VulnerabilityEPSS 0.5%CVE-2025-48124HIGHWordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light plugin <= 2.4.37 - Arbitrary File Download VulnerabilityEPSS 0.5%CVE-2024-13234HIGHProduct Table by WBW <= 2.1.2 - Unuthenticated SQL InjectionEPSS 0.5%CVE-2023-1839MEDIUMProduct Addons & Fields for WooCommerce < 32.0.6 - Admin+ Stored Cross-Site ScriptingEPSS 0.5%CVE-2025-24625MEDIUMWordPress Taxonomy/Term and Role based Discounts for WooCommerce plugin <= 5.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.5%CVE-2025-11967HIGHMail Mint <= 1.18.10 - Authenticated (Admin+) Arbitrary File UploadEPSS 0.5%CVE-2023-7151MEDIUMProduct Enquiry for WooCommerce < 3.2 - Reflected XSSEPSS 0.5%CVE-2022-34344MEDIUMWordPress Wholesale Suite Plugin <= 2.1.5 is vulnerable to Broken Access ControlEPSS 0.5%CVE-2024-32524MEDIUMWordPress Custom Order Statuses for WooCommerce plugin <= 1.5.2 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-32516MEDIUMWordPress Multi Currency For WooCommerce plugin <= 1.5.5 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2025-49380CRITICALWordPress WooCommerce Vehicle Parts Finder plugin <= 3.7 - PHP Object Injection vulnerabilityEPSS 0.5%CVE-2026-47100HIGHFunnel Builder for WooCommerce Checkout < 3.15.0.3 Missing Authorization via AJAXEPSS 0.5%CVE-2023-0492MEDIUMGS Products Slider for WooCommerce < 1.5.9 - Contributor+ Stored XSSEPSS 0.5%CVE-2024-0766MEDIUMEnvo's Elementor Templates & Widgets for WooCommerce <= 1.4.4 - Missing Authorization via templates_ajax_requestEPSS 0.5%CVE-2024-6448MEDIUMMollie Payments for WooCommerce <= 7.7.0 - Unauthenticated Full Path DisclosureEPSS 0.5%CVE-2026-5294CRITICALGeekyBot <= 1.2.2 - Missing Authorization to Unauthenticated Arbitrary Plugin Installation via 'geekybot_frontendajax' AJAX ActionEPSS 0.5%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →