| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-54236 | WordPress Ni WooCommerce Bulk Product Editor plugin <= 1.4.5 - Reflected Cross Site Scripting (XSS) vulnerability | Anzar Ahmed | Ni WooCommerce Bulk Product Editor | High | 7.1 | 2024-12-13 14:24:30 | Deep Dive |
| CVE-2023-41649 | WordPress Ovic Product Bundle plugin <= 1.1.2 - Broken Access Control vulnerability | hoangkhanh92 | Ovic Product Bundle | Medium | 6.5 | 2024-12-13 14:24:11 | Deep Dive |
| CVE-2023-37971 | WordPress WooCommerce Product Stock Alert plugin <= 2.0.1 - Broken Access Control vulnerability | MultiVendorX | WooCommerce Product Stock Alert | Medium | 6.5 | 2024-12-13 14:23:51 | Deep Dive |
| CVE-2023-36519 | WordPress SW Product Bundles plugin <= 2.0.15 - Broken Access Control vulnerability | WPThemeGo | SW Product Bundles | Medium | 5.4 | 2024-12-13 14:23:44 | Deep Dive |
| CVE-2024-12040 | Product Carousel Slider & Grid Ultimate for WooCommerce <= 1.9.10 - Authenticated (Contributor+) Local File Inclusion via 'theme' | wpwax | Product Carousel Slider & Grid Ultimate for WooCommerce | High | 8.8 | 2024-12-12 05:24:20 | Deep Dive |
| CVE-2024-49513 | Not a product | Out-of-bounds Write (CWE-787) | Adobe | Not a product | High | 7.8 | 2024-12-10 20:57:57 | Deep Dive |
| CVE-2024-47576 | DLL Hijacking vulnerability in SAP Product Lifecycle Costing | SAP_SE | SAP Product Lifecycle Costing | Low | 3.3 | 2024-12-10 00:11:43 | Deep Dive |
| CVE-2023-29173 | WordPress Product Category Tree plugin <= 2.5 - Broken Access Control vulnerability | AwesomeTOGI | Product Category Tree | Medium | 5.3 | 2024-12-09 11:31:13 | Deep Dive |
| CVE-2023-30479 | WordPress Stamped.io Product Reviews & UGC for WooCommerce plugin <= 2.3.2 - Broken Access Control vulnerability | Stamped.io | Stamped.io Product Reviews & UGC for WooCommerce | Medium | 5.3 | 2024-12-09 11:31:06 | Deep Dive |
| CVE-2023-50877 | WordPress Product Filter by WBW plugin <= 2.5.0 - Broken Access Control vulnerability | WBW Plugins | Product Filter by WBW | Medium | 4.3 | 2024-12-09 11:29:58 | Deep Dive |
| CVE-2023-50899 | WordPress Product Catalog Enquiry for WooCommerce by MultiVendorX plugin <= 5.0.2 - Broken Access Control vulnerability | MultiVendorX | Product Catalog Enquiry for WooCommerce by MultiVendorX | Medium | 5.4 | 2024-12-09 11:29:54 | Deep Dive |
| CVE-2024-53817 | WordPress Acowebs Product Labels For Woocommerce plugin <= 1.5.8 - SQL Injection vulnerability | acowebs | Product Labels For Woocommerce | High | 7.6 | 2024-12-06 13:05:59 | Deep Dive |
| CVE-2024-5020 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library | extendthemes | Colibri Page Builder | Medium | 6.4 | 2024-12-04 08:22:47 | Deep Dive |
| CVE-2024-10857 | Product Input Fields for WooCommerce <= 1.9 - Authenticated (Contributor+) Arbitrary File Read | tychesoftwares | Product Input Fields for WooCommerce | Medium | 6.5 | 2024-11-26 06:43:45 | Deep Dive |
| CVE-2024-11034 | Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation <= 1.4 - Unauthenticated Arbitrary Shortcode Execution via fire_contact_form | wpbean | Request a Quote for WooCommerce – Get a Quote Button | High | 7.3 | 2024-11-23 11:23:16 | Deep Dive |
| CVE-2024-10813 | Product Table for WooCommerce by CodeAstrology (wooproducttable.com) <= 3.5.1 - Information Exposure | codersaiful | Product Table for WooCommerce | Medium | 5.3 | 2024-11-23 03:25:51 | Deep Dive |
| CVE-2024-9111 | Product Designer <= 1.0.36 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | pickplugins | PickPlugins Product Designer for WooCommerce | Medium | 6.4 | 2024-11-21 02:06:25 | Deep Dive |
| CVE-2024-52444 | WordPress Opal Woo Custom Product Variation plugin <= 1.1.3 - Arbitrary File Deletion vulnerability | wpopal | Opal Woo Custom Product Variation | High | 7.5 | 2024-11-20 11:08:36 | Deep Dive |
| CVE-2024-10899 | WooCommerce Product Table Lite <= 3.8.6 - Unauthenticated Arbitrary Shortcode Execution & Reflected Cross-Site Scripting | wcproducttable | Product Table and List Builder for WooCommerce Lite | High | 7.3 | 2024-11-20 06:42:56 | Deep Dive |
| CVE-2024-51835 | WordPress OpenCart Product Display plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability | ajinkyanahar | OpenCart Product Display | Medium | 6.5 | 2024-11-19 16:31:42 | Deep Dive |