Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Vulnerability List - Page 27

Clear Filters
Found 2008 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-29006 WordPress Direct Checkout for WooCommerce Lite plugin <= 1.0.3 - Broken Access Control Vulnerability centangleDirect Checkout for WooCommerce Lite Medium 5.3 2025-06-06 12:54:27 Deep Dive
CVE-2025-30950 WordPress All Currencies for WooCommerce plugin <= 2.4.3 - Cross Site Scripting (XSS) vulnerability WP WhamAll Currencies for WooCommerce Medium 6.5 2025-06-06 12:54:12 Deep Dive
CVE-2025-31000 WordPress Payment QR WooCommerce plugin <= 1.1.6 - Broken Access Control Vulnerability Miguel FuentesPayment QR WooCommerce Medium 5.3 2025-06-06 12:53:59 Deep Dive
CVE-2025-49320 WordPress FraudLabs Pro for WooCommerce plugin <= 2.22.11 - Broken Access Control Vulnerability fraudlabsproFraudLabs Pro for WooCommerce Medium 5.3 2025-06-06 12:53:54 Deep Dive
CVE-2025-49315 WordPress Persian Woocommerce SMS plugin <= 7.0.10 - SQL Injection Vulnerability PersianScriptPersian Woocommerce SMS High 7.6 2025-06-06 12:53:52 Deep Dive
CVE-2025-49287 WordPress Product Feed for WooCommerce plugin <= 2.2.8 - Broken Access Control Vulnerability WebToffeeProduct Feed for WooCommerce Medium 4.3 2025-06-06 12:53:43 Deep Dive
CVE-2025-49239 WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 5.5.0 - Cross Site Request Forgery (CSRF) Vulnerability tychesoftwaresPrint Invoice & Delivery Notes for WooCommerce Medium 5.4 2025-06-06 12:53:34 Deep Dive
CVE-2025-5103 Ultimate Gift Cards for WooCommerce <= 3.1.4 - Authenticated (Administrator+) SQL Injection via wps_wgm_save_post Function wpswingsUltimate Gift Cards for WooCommerce Medium 4.9 2025-06-03 08:21:54 Deep Dive
CVE-2025-4420 Vayu Blocks <= 1.3.1 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting via containerWidth Parameter themehunkVayu Blocks – Website Builder for the Block Editor Medium 6.4 2025-06-03 08:21:53 Deep Dive
CVE-2025-5292 Element Pack Addons for Elementor – Best Elementor addons with Ready Templates, Blocks, Widgets and WooCommerce Builder <= 5.11.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting bdthemesElement Pack – Widgets, Templates & Addons for Elementor Medium 6.4 2025-05-31 06:40:57 Deep Dive
CVE-2025-5285 Product Subtitle for WooCommerce <= 1.3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via htmlTag Parameter spiderwaresProduct Subtitle for WooCommerce Medium 6.4 2025-05-31 06:40:57 Deep Dive
CVE-2025-48331 WordPress WooCommerce Orders & Customers Exporter <= 5.0 - Sensitive Data Exposure Vulnerability vanquishWooCommerce Orders & Customers Exporter High 7.5 2025-05-30 14:01:39 Deep Dive
CVE-2025-4597 Woo Slider Pro - Drag Drop Slider Builder For WooCommerce <= 1.12 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion bc2018Woo Slider Pro – Drag Drop Slider Builder For WooCommerce Medium 6.5 2025-05-30 11:15:09 Deep Dive
CVE-2025-5058 eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_image() emagiconeeMagicOne Store Manager for WooCommerce Critical 9.8 2025-05-24 03:37:33 Deep Dive
CVE-2025-4336 eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_file() emagiconeeMagicOne Store Manager for WooCommerce High 8.1 2025-05-24 03:37:32 Deep Dive
CVE-2025-4603 eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Deletion emagiconeeMagicOne Store Manager for WooCommerce Critical 9.1 2025-05-24 03:37:32 Deep Dive
CVE-2025-4602 eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Read emagiconeeMagicOne Store Manager for WooCommerce Medium 5.9 2025-05-24 03:37:31 Deep Dive
CVE-2025-31056 WordPress WhatsCart plugin <= 1.1.0 - SQL Injection vulnerability TechspawnWhatsCart - Whatsapp Abandoned Cart Recovery, Order Notifications, Chat Box, OTP for WooCommerce Critical 9.3 2025-05-23 12:44:09 Deep Dive
CVE-2025-31397 WordPress Bus Ticket Booking with Seat Reservation for WooCommerce plugin <= 1.7 - SQL Injection vulnerability smartcmsBus Ticket Booking with Seat Reservation for WooCommerce Critical 9.3 2025-05-23 12:44:07 Deep Dive
CVE-2025-47461 WordPress Subaccounts for WooCommerce plugin <= 1.6.6 - Account Takeover vulnerability mediaticusSubaccounts for WooCommerce High 8.8 2025-05-23 12:43:36 Deep Dive