| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-34296 | Oracle Agile Product Lifecycle Management for Process 安全漏洞 | Oracle Corporation | Oracle Agile Product Lifecycle Management for Process | Medium | 4.3 | 2026-04-21 20:35:29 | Deep Dive |
| CVE-2026-3599 | Riaxe Product Customizer <= 2.1.2 - Unauthenticated SQL Injection via 'options' Parameter Keys in product_data | imprintnext | Riaxe Product Customizer | High | 7.5 | 2026-04-16 05:29:54 | Deep Dive |
| CVE-2026-3595 | Riaxe Product Customizer <= 2.1.2 - Unauthenticated Arbitrary User Deletion via 'user_id' Parameter | imprintnext | Riaxe Product Customizer | Medium | 5.3 | 2026-04-16 05:29:53 | Deep Dive |
| CVE-2026-3596 | Riaxe Product Customizer <= 2.1.2 - Missing Authorization to Unauthenticated Arbitrary Options Update to Privilege Escalation via 'install-imprint' AJAX Action | imprintnext | Riaxe Product Customizer | Critical | 9.8 | 2026-04-16 05:29:52 | Deep Dive |
| CVE-2026-1852 | Product Pricing Table by WooBeWoo <= 1.1.0 - Cross-Site Request Forgery to Stored XSS and Pricing Table Deletion | woobeewoo | Product Pricing Table by WooBeWoo | Medium | 6.1 | 2026-04-15 11:30:25 | Deep Dive |
| CVE-2026-3830 | Product Filter for WooCommerce by WBW < 3.1.3 - Unauthenticated SQLi | Unknown | Product Filter for WooCommerce by WBW | 中危 | - | 2026-04-13 06:00:13 | Deep Dive |
| CVE-2026-5812 | SourceCodester Pharmacy Product Management System POST Parameter add-sales.php logic error | SourceCodester | Pharmacy Product Management System | Medium | 5.4 | 2026-04-08 22:30:15 | Deep Dive |
| CVE-2026-3396 | WCAPF – WooCommerce Ajax Product Filter <= 4.2.3 - Unauthenticated Time-Based SQL Injection | shamimmoeen | WCAPF – Ajax Product Filter for WooCommerce | High | 7.5 | 2026-04-08 11:16:59 | Deep Dive |
| CVE-2026-39704 | WordPress Precious Metals Automated Product Pricing – Pro plugin <= 4.0.5 - Broken Access Control vulnerability | nfusionsolutions | Precious Metals Automated Product Pricing – Pro | - | - | 2026-04-08 08:30:47 | Deep Dive |
| CVE-2026-39662 | WordPress Product Price by Formula for WooCommerce plugin <= 2.5.6 - Broken Access Control vulnerability | ProWCPlugins | Product Price by Formula for WooCommerce | - | - | 2026-04-08 08:30:37 | Deep Dive |
| CVE-2026-3594 | Riaxe Product Customizer <= 2.4 - Unauthenticated Sensitive Information Disclosure via '/orders' REST API Endpoint | imprintnext | Riaxe Product Customizer | Medium | 5.3 | 2026-04-08 06:43:38 | Deep Dive |
| CVE-2026-3499 | Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce 13.4.6 - 13.5.2.1 - Cross-Site Request Forgery to Multiple Administrative Actions | jkohlbach | Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce | High | 8.8 | 2026-04-08 01:24:44 | Deep Dive |
| CVE-2026-31920 | WordPress Product Rearrange for WooCommerce plugin <= 1.2.2 - SQL Injection vulnerability | Devteam HaywoodTech | Product Rearrange for WooCommerce | 中危 | - | 2026-03-25 16:14:57 | Deep Dive |
| CVE-2026-31921 | WordPress Product Rearrange for WooCommerce plugin <= 1.2.2 - Broken Access Control vulnerability | Devteam HaywoodTech | Product Rearrange for WooCommerce | 中危 | - | 2026-03-25 16:14:57 | Deep Dive |
| CVE-2026-25455 | WordPress Product Slider for WooCommerce plugin <= 1.13.61 - Broken Access Control vulnerability | PickPlugins | Product Slider for WooCommerce | Medium | 6.5 | 2026-03-25 16:14:50 | Deep Dive |
| CVE-2026-25371 | WordPress Lumise Product Designer plugin < 2.0.9 - SQL Injection vulnerability | King-Theme | Lumise Product Designer | Critical | 9.3 | 2026-03-25 16:14:46 | Deep Dive |
| CVE-2026-25328 | WordPress Product File Upload for WooCommerce plugin <= 2.2.4 - Arbitrary File Deletion vulnerability | add-ons.org | Product File Upload for WooCommerce | Medium | 6.8 | 2026-03-25 16:14:41 | Deep Dive |
| CVE-2026-24993 | WordPress Advanced WooCommerce Product Sales Reporting plugin <= 4.1.3 - SQL Injection vulnerability | WPFactory | Advanced WooCommerce Product Sales Reporting | Critical | 9.3 | 2026-03-25 16:14:36 | Deep Dive |
| CVE-2026-22480 | WordPress Product Feed for WooCommerce plugin <= 2.3.3 - PHP Object Injection vulnerability | WebToffee | Product Feed for WooCommerce | High | 7.2 | 2026-03-25 16:14:22 | Deep Dive |
| CVE-2026-3138 | Product Filter for WooCommerce by WBW <= 3.1.2 - Missing Authorization to Unauthenticated Filter Data Deletion via TRUNCATE TABLE | woobewoo | Product Filter for WooCommerce by WBW | Medium | 6.5 | 2026-03-24 04:27:49 | Deep Dive |