Exposição de WooCommerce
Ecommerce, WordPress plugins1.807
score de exposição
591.334
sites usam
0
em exploração
158
críticos
CVEs
2.037 resultadosCVE-2024-11362MEDIUMPayments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net <= 1.112.0 - Reflected Cross-Site ScriptingEPSS 0.4%CVE-2024-13641MEDIUMReturn Refund and Exchange For WooCommerce <= 4.4.5 - Unauthenticated Sensitive Information Exposure Through Unprotected DirectoryEPSS 0.4%CVE-2022-35275MEDIUMWordPress Advanced Order Export For WooCommerce plugin <= 3.3.1 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2026-0845HIGHWCFM - WooCommerce Frontend Manager <= 6.7.24 - Authenticated (Shop Manager+) Arbitrary Options UpdateEPSS 0.4%CVE-2025-24639MEDIUMWordPress Korea for WooCommerce plugin <= 1.1.11 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2023-28415MEDIUMWordPress Side Cart Woocommerce (Ajax) Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2025-69129CRITICALWordPress WordPress & WooCommerce Scraper Plugin, Import Data from Any Site plugin <= 1.0.7 - Arbitrary File Upload vulnerabilityEPSS 0.4%CVE-2024-51626HIGHWordPress Woocommerce Quote Calculator plugin <= 1.1 - SQL Injection vulnerabilityEPSS 0.4%CVE-2024-13623MEDIUMOrder Export for WooCommerce <= 3.24 - Unauthenticated Sensitive Information Exposure Through Unprotected DirectoryEPSS 0.4%CVE-2023-4245MEDIUMWooCommerce PDF Invoice Builder <= 1.2.89 - Missing Authorization to Sensitive Information ExposureEPSS 0.4%CVE-2024-43315HIGHWordPress Stripe Payments For WooCommerce plugin <= 1.9.1 - Insecure Direct Object References (IDOR) vulnerabilityEPSS 0.4%CVE-2026-25397HIGHWordPress File Uploader for WooCommerce plugin <= 1.0.4 - Path Traversal vulnerabilityEPSS 0.4%CVE-2024-1562MEDIUMWooCommerce Google Sheet Connector <= 1.3.11 - Missing AuthorizationEPSS 0.4%CVE-2023-4938MEDIUMBEAR <= 1.1.3.3 - Missing Authorization to Product ManipulationEPSS 0.4%CVE-2024-3243MEDIUMCustomer Reviews for WooCommerce <= 5.46.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email SendingEPSS 0.4%CVE-2024-1697MEDIUMCustom WooCommerce Checkout Fields Editor <= 1.3.1 - Authenticated (Subscriber+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-10591HIGHMWB HubSpot for WooCommerce – CRM, Abandoned Cart, Email Marketing, Marketing Automation & Analytics <= 1.5.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Options UpdateEPSS 0.4%CVE-2023-34004MEDIUMWordPress WooCommerce Box Office Plugin <= 1.1.50 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2023-47696HIGHWordPress Product Enquiry for WooCommerce Plugin <= 3.0 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2024-8716MEDIUMXT Ajax Add To Cart for WooCommerce <= 1.1.2 - Reflected Cross-Site ScriptingEPSS 0.4%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →