Vulnerabilities in themehigh

12 results

CVE-2024-0705CRITICALStripe Payment Plugin for WooCommerce <= 3.7.9 - Unauthenticated SQL InjectionEPSS 2.7%CVE-2023-3162CRITICALStripe Payment Plugin for WooCommerce <= 3.7.7 - Authentication BypassEPSS 1.0%CVE-2024-32781HIGHWordPress Email Customizer for WooCommerce plugin <= 2.6.0 - Sensitive Data Exposure vulnerabilityEPSS 0.7%CVE-2024-35658HIGHWordPress Checkout Field Editor for WooCommerce (Pro) plugin <= 3.6.2 - Unauthenticated Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2024-8499MEDIUMCheckout Field Editor (Checkout Manager) for WooCommerce <= 2.0.3 - Reflected Cross-Site Scripting via render_review_request_noticeEPSS 0.4%CVE-2026-45217MEDIUMWordPress Stripe Payment Gateway for WooCommerce plugin <= 5.0.7 - Broken Authentication vulnerabilityEPSS 0.4%CVE-2026-3231HIGHCheckout Field Editor (Checkout Manager) for WooCommerce <= 2.1.7 - Unauthenticated Stored Cross-Site Scripting via Block Checkout Custom Radio FieldEPSS 0.3%CVE-2025-13974MEDIUMEmail Customizer for WooCommerce | Drag and Drop Email Templates Builder <= 2.6.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via Email Template ContentEPSS 0.3%CVE-2023-51545CRITICALWordPress Job Manager & Career Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF) leading to PHP Object InjectionEPSS 0.3%CVE-2025-67556MEDIUMWordPress Advanced FAQ Manager plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-67553MEDIUMWordPress Advanced FAQ Manager plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-49077MEDIUMWordPress Dynamic Pricing and Discount Rules plugin <= 2.2.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%