Vulnerabilidades em woocommerce
50 resultadosCVE-2021-32789HIGHArbitrary SQL (SQL injection) possible via the Store API component.EPSS 17.2%CVE-2021-32790MEDIUMBlind SQL Injection possible via Authenticated Web-hook Search API EndpointEPSS 1.3%CVE-2023-34000HIGHWordPress WooCommerce Stripe Payment Gateway Plugin <= 7.4.0 is vulnerable to Insecure Direct Object References (IDOR)EPSS 1.2%CVE-2023-33331HIGHWordPress WooCommerce Product Vendors Plugin <= 2.1.76 is vulnerable to SQL InjectionEPSS 0.9%CVE-2024-10486MEDIUMGoogle for WooCommerce <= 2.8.6 - Information Disclosure via Publicly Accessible PHP Info FileEPSS 0.9%CVE-2023-33318CRITICALWordPress WooCommerce Follow-Up Emails Plugin <= 4.9.40 is vulnerable to Arbitrary File UploadEPSS 0.8%CVE-2023-32795HIGHWordPress WooCommerce Product Add-ons Plugin <= 6.1.3 is vulnerable to PHP Object InjectionEPSS 0.7%CVE-2023-33330HIGHWordPress WooCommerce Follow-Up Emails Plugin <= 4.9.50 is vulnerable to SQL InjectionEPSS 0.6%CVE-2022-50972CRITICALWooCommerce 7.1.0 Remote Code Execution via class-wc-meta-box-product-images.phpEPSS 0.6%CVE-2023-32743HIGHWordPress AutomateWoo Plugin <= 5.7.1 is vulnerable to SQL InjectionEPSS 0.6%CVE-2023-51502HIGHWordPress WooCommerce Stripe Payment Gateway Plugin <= 7.6.1 is vulnerable to Insecure Direct Object References (IDOR)EPSS 0.6%CVE-2023-35876HIGHWordPress WooCommerce Square Plugin <= 3.8.1 is vulnerable to Insecure Direct Object References (IDOR)EPSS 0.6%CVE-2023-35879HIGHWordPress WooCommerce Product Vendors Plugin <= 2.1.78 is vulnerable to SQL InjectionEPSS 0.6%CVE-2023-35914HIGHWordPress WooCommerce Subscriptions Plugin <= 5.1.2 is vulnerable to Insecure Direct Object References (IDOR)EPSS 0.6%CVE-2023-35881HIGHWordPress WooCommerce One Page Checkout plugin <= 2.3.0 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2023-32799MEDIUMWordPress WooCommerce Ship to Multiple Addresses Plugin <= 3.8.3 is vulnerable to Insecure Direct Object References (IDOR)EPSS 0.5%CVE-2023-37871HIGHWordPress WooCommerce GoCardless Gateway Plugin <= 2.5.6 is vulnerable to Insecure Direct Object References (IDOR)EPSS 0.5%CVE-2024-24799MEDIUMWordPress WooCommerce Box Office plugin <= 1.2.2 - Broken Access Control vulnerabilityEPSS 0.5%CVE-2023-35049HIGHWordPress WooCommerce Stripe Payment Gateway plugin <= 7.4.0 - Unauthenticated Broken Access Control vulnerabilityEPSS 0.5%CVE-2024-37297MEDIUMWooCommerce has a Cross-Site Scripting Vulnerability in checkout & registration formsEPSS 0.5%