Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 2013 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-30959 WordPress Product XML Feed Manager for WooCommerce <= 2.9.2 - Broken Access Control Vulnerability WPFactoryProduct XML Feed Manager for WooCommerce Medium 6.5 2025-07-16 11:28:08 Deep Dive
CVE-2025-47645 WordPress ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes plugin <= 1.4.9 - Subscriber+ SQL Injection vulnerability ELEXtensionsELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes High 8.5 2025-07-16 11:28:03 Deep Dive
CVE-2025-49319 WordPress Wishlist for WooCommerce <= 3.2.3 - Broken Access Control Vulnerability WPFactoryWishlist for WooCommerce Medium 6.5 2025-07-16 11:27:59 Deep Dive
CVE-2025-49888 WordPress PW WooCommerce On Sale! plugin <= 1.39 - Broken Access Control Vulnerability pimwickPW WooCommerce On Sale! High 7.1 2025-07-16 11:27:58 Deep Dive
CVE-2025-54041 WordPress Wallet System for WooCommerce plugin <= 2.6.7 - Cross Site Request Forgery (CSRF) Vulnerability WP SwingsWallet System for WooCommerce Medium 4.3 2025-07-16 10:36:50 Deep Dive
CVE-2025-54030 WordPress WooCommerce Google Sheet Connector plugin <= 1.3.20 - Cross Site Request Forgery (CSRF) Vulnerability WesternDealWooCommerce Google Sheet Connector Medium 4.3 2025-07-16 10:36:47 Deep Dive
CVE-2025-7359 Counter live visitors for WooCommerce <= 1.3.6 - Unauthenticated Arbitrary File Deletion in wcvisitor_get_block danielrieraCounter live visitors for WooCommerce High 8.2 2025-07-16 06:40:41 Deep Dive
CVE-2025-2799 WP Event Manager <= 3.1.49 - Authenticated (Administrator+) Stored Cross-Site Scripting wpeventmanagerWP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce Medium 4.4 2025-07-16 05:23:51 Deep Dive
CVE-2025-2800 WP Event Manager <= 3.1.50 - Unauthenticated Stored Cross-Site Scripting via 'organizer_name' wpeventmanagerWP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce High 7.2 2025-07-16 05:23:51 Deep Dive
CVE-2025-5530 WPC Smart Compare for WooCommerce <= 6.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting wpcleverWPC Smart Compare for WooCommerce Medium 6.4 2025-07-11 07:23:00 Deep Dive
CVE-2025-3780 WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible <= 6.7.16 - Missing Authorization to Unauthenticated Plugin Settings Modification wcloversWCFM – Frontend Manager for WooCommerce Medium 6.5 2025-07-08 23:22:49 Deep Dive
CVE-2025-24780 WordPress Printcart Web to Print Product Designer for WooCommerce plugin <= 2.4.0 - SQL Injection Vulnerability printcartPrintcart Web to Print Product Designer for WooCommerce High 8.5 2025-07-04 11:18:11 Deep Dive
CVE-2025-50032 WordPress Paytiko for WooCommerce plugin <= 1.4.6 - Broken Access Control vulnerability Paytiko - Payment Orchestration PlatformPaytiko for WooCommerce Medium 6.5 2025-07-04 11:17:58 Deep Dive
CVE-2025-49417 WordPress WooCommerce Product Multi-Action plugin <= 1.3 - Deserialization of untrusted data Vulnerability BestWpDeveloperWooCommerce Product Multi-Action Critical 9.8 2025-07-04 11:17:49 Deep Dive
CVE-2025-29001 WordPress WooCommerce Shop Page Builder plugin <= 2.27.7 - Broken Access Control Vulnerability ZoomItWooCommerce Shop Page Builder Medium 4.3 2025-07-04 08:42:17 Deep Dive
CVE-2025-53569 WordPress Trust Payments Gateway for WooCommerce (JavaScript Library) plugin <= 1.3.6 - Cross Site Request Forgery (CSRF) Vulnerability Trust PaymentsTrust Payments Gateway for WooCommerce (JavaScript Library) Medium 4.3 2025-07-04 08:42:03 Deep Dive
CVE-2025-6729 PayMaster for WooCommerce <= 0.4.31 - Authenticated (Subscriber+) Server-Side Request Forgery qazomardokPayMaster for WooCommerce Medium 6.4 2025-07-04 01:44:03 Deep Dive
CVE-2025-39362 WordPress Mollie Payments for WooCommerce plugin <= 8.0.2 - Insecure Direct Object References (IDOR) vulnerability MollieMollie Payments for WooCommerce Medium 6.5 2025-07-02 10:59:06 Deep Dive
CVE-2025-5817 Amazon Products to WooCommerce <= 1.2.7 - Unauthenticated Server-Side Request Forgery suhailahmad64Amazon Products to WooCommerce High 7.2 2025-07-02 03:47:25 Deep Dive
CVE-2025-5746 Drag and Drop Multiple File Upload (Pro) - WooCommerce <= 1.7.1 and 5.0 - 5.0.5 - Unauthenticated Arbitrary File Upload CodeDropzDrag and Drop Multiple File Upload (Pro) - WooCommerce Critical 9.8 2025-07-02 03:47:24 Deep Dive