| CVE-2023-51499 | WordPress WooCommerce Shipping Per Product plugin <= 2.5.4 - Broken Access Control vulnerability | WooCommerce | WooCommerce Shipping Per Product | Medium | 4.3 | 2024-04-12 14:37:00 | Deep Dive |
| CVE-2024-3020 | Carousel, Slider, Gallery by WP Carousel – Image Carousel & Photo Gallery, Post Carousel & Post Grid, Product Carousel & Product Grid for WooCommerce <= 2.6.3 - Authenticated (Admin+) PHP Object Injection | shapedplugin | Carousel, Slider, Photo Gallery with Lightbox, Video Slider, by WP Carousel | High | 7.2 | 2024-04-10 04:30:22 | Deep Dive |
| CVE-2024-1774 | Customily Product Personalizer <= 1.23.3 - Unauthenticated Stored Cross-Site Scripting | Customily | Customily Product Personalizer | High | 7.2 | 2024-04-09 18:58:33 | Deep Dive |
| CVE-2024-31277 | WordPress Product Designer plugin <= 1.0.32 - PHP Object Injection vulnerability | PickPlugins | Product Designer | High | 8.7 | 2024-04-07 17:24:02 | Deep Dive |
| CVE-2024-2949 | Carousel, Slider, Gallery by WP Carousel – Image Carousel & Photo Gallery, Post Carousel & Post Grid, Product Carousel & Product Grid for WooCommerce <= 2.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'sp_wp_carousel_shortcode' | shapedplugin | Carousel, Slider, Photo Gallery with Lightbox, Video Slider, by WP Carousel | Medium | 6.4 | 2024-04-06 06:47:19 | Deep Dive |
| CVE-2024-1807 | Product Sort and Display for WooCommerce <= 2.4.1 - Missing Authorization | a3rev | Product Sort and Display for WooCommerce | Medium | 6.5 | 2024-04-02 09:32:10 | Deep Dive |
| CVE-2024-24800 | WordPress Product Feed PRO for WooCommerce plugin <= 13.2.5 - Reflected Cross Site Scripting (XSS) vulnerability | AdTribes.io | Product Feed PRO for WooCommerce | High | 7.1 | 2024-03-27 05:47:15 | Deep Dive |
| CVE-2024-30231 | WordPress Product Import Export for WooCommerce plugin <= 2.4.1 - Arbitrary File Upload vulnerability | WebToffee | Product Import Export for WooCommerce | Critical | 9.1 | 2024-03-26 11:58:00 | Deep Dive |
| CVE-2024-27994 | WordPress YITH WooCommerce Product Add-Ons plugin <= 4.5.0 - Cross Site Scripting (XSS) vulnerability | YITHEMES | YITH WooCommerce Product Add-Ons | High | 7.1 | 2024-03-21 15:03:12 | Deep Dive |
| CVE-2024-0365 | Fancy Product Designer < 6.1.5 - Admin+ SQL Injection | Unknown | Fancy Product Designer | 中危 | - | 2024-03-18 19:05:43 | Deep Dive |
| CVE-2024-2553 | SourceCodester Product Review Rating System Rate Product cross site scripting | SourceCodester | Product Review Rating System | Low | 3.5 | 2024-03-17 04:00:08 | Deep Dive |
| CVE-2023-51512 | WordPress Product Table by WBW plugin <= 1.8.6 - Cross Site Request Forgery (CSRF) vulnerability | WBW | Product Table by WBW | Medium | 4.3 | 2024-03-16 00:46:19 | Deep Dive |
| CVE-2024-1950 | Product Carousel Slider & Grid Ultimate for WooCommerce <= 1.9.7 - Authenticated(Contributor+) PHP Object Injection | wpwax | Product Carousel Slider & Grid Ultimate for WooCommerce | High | 7.5 | 2024-03-13 15:27:23 | Deep Dive |
| CVE-2024-20956 | Oracle Supply Chain Products Suite 安全漏洞 | Oracle Corporation | Agile Product Lifecycle Management for Process | High | 7.3 | 2024-02-17 01:50:17 | Deep Dive |
| CVE-2023-31189 | Intel Server Product OpenBMC 安全漏洞 | - | Intel(R) Server Product OpenBMC firmware | Medium | 5.2 | 2024-02-14 13:37:52 | Deep Dive |
| CVE-2023-32280 | Intel Server Product OpenBMC 安全漏洞 | - | Intel(R) Server Product OpenBMC firmware | Medium | 5.3 | 2024-02-14 13:37:52 | Deep Dive |
| CVE-2024-24886 | WordPress Product Labels For Woocommerce Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS) | Acowebs | Product Labels For Woocommerce (Sale Badges) | Medium | 5.9 | 2024-02-08 10:46:28 | Deep Dive |
| CVE-2024-1269 | SourceCodester Product Management System supplier.php cross site scripting | SourceCodester | Product Management System | Low | 2.4 | 2024-02-07 02:00:06 | Deep Dive |
| CVE-2023-51669 | WordPress Product Code for WooCommerce Plugin <= 1.4.4 is vulnerable to Cross Site Scripting (XSS) | Artios Media | Product Code for WooCommerce | Medium | 6.5 | 2024-02-01 10:19:56 | Deep Dive |
| CVE-2024-22152 | WordPress Product Import Export for WooCommerce Plugin <= 2.3.7 is vulnerable to Arbitrary File Upload | WebToffee | Product Import Export for WooCommerce | High | 8.0 | 2024-01-24 11:48:56 | Deep Dive |