| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Missing Authorization vulnerability in Facebook Facebook for WooCommerce facebook-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Facebook for WooCommerce: from n/a through <= 3.5.7. |
| Cross-Site Request Forgery (CSRF) vulnerability in Premmerce Premmerce Product Search for WooCommerce premmerce-search allows Cross Site Request Forgery.This issue affects Premmerce Product Search for WooCommerce: from n/a through <= 2.2.4. |
| Missing Authorization vulnerability in Premmerce Premmerce Wholesale Pricing for WooCommerce premmerce-woocommerce-wholesale-pricing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce Wholesale Pricing for WooCommerce: from n/a through <= 1.1.10. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Genetech Products Web and WooCommerce Addons for WPBakery Builder vc-addons-by-bit14 allows DOM-Based XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through <= 1.5. |
| Missing Authorization vulnerability in Virtuaria Virtuaria PagBank / PagSeguro para Woocommerce virtuaria-pagseguro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Virtuaria PagBank / PagSeguro para Woocommerce: from n/a through <= 3.6.3. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Josh Kohlbach Advanced Coupons for WooCommerce Coupons advanced-coupons-for-woocommerce-free.This issue affects Advanced Coupons for WooCommerce Coupons: from n/a through <= 4.6.8. |
| Cross-Site Request Forgery (CSRF) vulnerability in FantasticPlugins SUMO Memberships for WooCommerce sumomemberships allows Cross Site Request Forgery.This issue affects SUMO Memberships for WooCommerce: from n/a through < 7.8.0. |
| Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme WooCommerce Designer Pro wc-designer-pro allows Upload a Web Shell to a Web Server.This issue affects WooCommerce Designer Pro: from n/a through <= 1.9.24. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Wishlist for WooCommerce premmerce-woocommerce-wishlist allows PHP Local File Inclusion.This issue affects Premmerce Wishlist for WooCommerce: from n/a through <= 1.1.10. |
| Cross-Site Request Forgery (CSRF) vulnerability in Ashwani kumar GST for WooCommerce gst-for-woocommerce allows Stored XSS.This issue affects GST for WooCommerce: from n/a through <= 2.0. |
| Missing Authorization vulnerability in webmaniabr Nota Fiscal Eletrônica WooCommerce nota-fiscal-eletronica-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nota Fiscal Eletrônica WooCommerce: from n/a through <= 3.4.0.9. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webmaniabr Nota Fiscal Eletrônica WooCommerce nota-fiscal-eletronica-woocommerce allows Stored XSS.This issue affects Nota Fiscal Eletrônica WooCommerce: from n/a through <= 3.4.0.9. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Swings Upsell Order Bump Offer for WooCommerce upsell-order-bump-offer-for-woocommerce allows Stored XSS.This issue affects Upsell Order Bump Offer for WooCommerce: from n/a through <= 3.0.7. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themebon Easy Woocommerce Customizer easy-woocommerce-customizer allows Reflected XSS.This issue affects Easy Woocommerce Customizer: from n/a through <= 1.0.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Additional Custom Product Tabs for WooCommerce product-tabs-for-woocommerce allows Stored XSS.This issue affects Additional Custom Product Tabs for WooCommerce: from n/a through <= 1.7.3. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick Verwymeren Quantities and Units for WooCommerce quantities-and-units-for-woocommerce allows Stored XSS.This issue affects Quantities and Units for WooCommerce: from n/a through <= 1.0.13. |
| Missing Authorization vulnerability in cecabank Cecabank WooCommerce Plugin cecabank-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cecabank WooCommerce Plugin: from n/a through <= 0.3.4. |
| Use of Hard-coded Credentials vulnerability in Risto Niinemets Estonian Shipping Methods for WooCommerce estonian-shipping-methods-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Estonian Shipping Methods for WooCommerce: from n/a through <= 1.7.2. |
| Insertion of Sensitive Information Into Debugging Code vulnerability in Klarna Klarna Order Management for WooCommerce klarna-order-management-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Klarna Order Management for WooCommerce: from n/a through <= 1.9.8. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShapedPlugin LLC Quick View for WooCommerce woo-quickview allows Stored XSS.This issue affects Quick View for WooCommerce: from n/a through <= 2.2.16. |
