Shodan
Vulnerabilities
Vulnerable Software
Woocommerce:  Security Vulnerabilities
CVE-2024-24799
Missing Authorization vulnerability in WooCommerce WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.2.2.
CVSS Score
6.5
EPSS Score
0.006
Published
2024-03-26
CVE-2024-27193
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PayU PayU India allows Reflected XSS.This issue affects PayU India: from n/a through 3.8.2.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-03-15
CVE-2022-0775
The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment
CVSS Score
4.3
EPSS Score
0.002
Published
2024-01-16
CVE-2023-52222
Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.2.2.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-01-08
CVE-2023-32795
Deserialization of Untrusted Data vulnerability in WooCommerce Product Add-Ons.This issue affects Product Add-Ons: from n/a through 6.1.3.
CVSS Score
8.2
EPSS Score
0.002
Published
2023-12-28
CVE-2023-32799
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Shipping Multiple Addresses.This issue affects Shipping Multiple Addresses: from n/a through 3.8.3.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-12-21
CVE-2023-33318
Unrestricted Upload of File with Dangerous Type vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.40.
CVSS Score
9.9
EPSS Score
0.003
Published
2023-12-20
CVE-2023-33330
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50.
CVSS Score
8.5
EPSS Score
0.001
Published
2023-12-20
CVE-2023-32743
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 5.7.1.
CVSS Score
7.6
EPSS Score
0.001
Published
2023-12-20
CVE-2023-32744
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Recommendations plugin <= 2.3.0 versions.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-11-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved