Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 2013 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-62957 WordPress NikanWP WooCommerce Reporting plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) vulnerability NikanWPNikanWP WooCommerce Reporting High 7.1 2025-10-27 01:34:11 Deep Dive
CVE-2025-62935 WordPress Open Close WooCommerce Store plugin <= 5.0.0 - Broken Access Control vulnerability StackWCOpen Close WooCommerce Store Medium 4.3 2025-10-27 01:34:03 Deep Dive
CVE-2025-62903 WordPress WPC Smart Messages for WooCommerce plugin <= 4.2.8 - Cross Site Scripting (XSS) vulnerability WPCleverWPC Smart Messages for WooCommerce Medium 6.5 2025-10-27 01:33:51 Deep Dive
CVE-2025-62890 WordPress Premmerce Brands for WooCommerce plugin <= 1.2.13 - Cross Site Request Forgery (CSRF) vulnerability PremmercePremmerce Brands for WooCommerce Medium 4.3 2025-10-27 01:33:46 Deep Dive
CVE-2025-12095 Simple Registration for WooCommerce <= 1.5.8 - Cross-Site Request Forgery to Privilege Escalation via Role Request Approval astoundifySimple Registration for WooCommerce High 8.8 2025-10-25 05:31:23 Deep Dive
CVE-2025-11888 ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution <= 4.8.4 - Incorrect Authorization to Authenticated (Editor+) License Status Update roxnorShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution Low 2.7 2025-10-25 05:31:22 Deep Dive
CVE-2025-11823 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution <= 3.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode devitemsllcShopLentor – All-in-One WooCommerce Growth & Store Enhancement Plugin Medium 6.4 2025-10-25 04:22:45 Deep Dive
CVE-2025-10861 Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers <= 2.1.4 - Unauthenticated Server-Side Request Forgery roxnorPopup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers High 7.5 2025-10-24 11:25:46 Deep Dive
CVE-2025-12096 Simple Excel Pricelist for WooCommerce <= 1.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode prawasSimple Excel Pricelist for WooCommerce Medium 6.4 2025-10-24 08:24:00 Deep Dive
CVE-2025-6440 WooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File Upload JMA PluginsWooCommerce Designer Pro Critical 9.8 2025-10-24 07:23:28 Deep Dive
CVE-2025-62015 WordPress Advanced Coupons for WooCommerce Coupons plugin <= 4.6.8 - SQL Injection vulnerability Josh KohlbachAdvanced Coupons for WooCommerce Coupons High 7.6 2025-10-22 14:32:49 Deep Dive
CVE-2025-62008 WordPress Product Table For WooCommerce plugin <= 1.2.4 - PHP Object Injection vulnerability acowebsProduct Table For WooCommerce--2025-10-22 14:32:48 Deep Dive
CVE-2025-62005 WordPress SUMO Memberships for WooCommerce plugin < 7.8.0 - Cross Site Request Forgery (CSRF) vulnerability FantasticPluginsSUMO Memberships for WooCommerce High 7.1 2025-10-22 14:32:47 Deep Dive
CVE-2025-60222 WordPress SUMO Memberships for WooCommerce plugin <= 7.8.0 - Privilege Escalation vulnerability FantasticPluginsSUMO Memberships for WooCommerce--2025-10-22 14:32:45 Deep Dive
CVE-2025-60211 WordPress WooCommerce Registration Fields Plugin - Custom Signup Fields plugin <= 3.2.3 - Privilege Escalation vulnerability extendonsWooCommerce Registration Fields Plugin - Custom Signup Fields--2025-10-22 14:32:43 Deep Dive
CVE-2025-59006 WordPress Easy Woocommerce Customizer plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability themebonEasy Woocommerce Customizer High 7.1 2025-10-22 14:32:37 Deep Dive
CVE-2025-53424 WordPress WooCommerce Orders & Customers Exporter plugin <= 5.4 - Broken Access Control vulnerability vanquishWooCommerce Orders & Customers Exporter Medium 6.5 2025-10-22 14:32:33 Deep Dive
CVE-2025-53422 WordPress WhatsApp Chat for WordPress and WooCommerce plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability ThemeWarriorsWhatsApp Chat for WordPress and WooCommerce--2025-10-22 14:32:33 Deep Dive
CVE-2025-53297 WordPress Woocommerce Envato Affiliates plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability AA-TeamWoocommerce Envato Affiliates--2025-10-22 14:32:31 Deep Dive
CVE-2025-52757 WordPress SUMO Memberships for WooCommerce plugin < 7.8.0 - Arbitrary Content Deletion vulnerability FantasticPluginsSUMO Memberships for WooCommerce Medium 6.5 2025-10-22 14:32:27 Deep Dive