| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-10162 | OrderConvo < 14 - Unauthenticated Arbitrary File Read | Unknown | Admin and Customer Messages After Order for WooCommerce: OrderConvo | - | - | 2025-10-07 06:00:05 | Deep Dive |
| CVE-2025-59565 | WordPress Upsell Order Bump Offer for WooCommerce Plugin <= 3.0.7 - Cross Site Scripting (XSS) Vulnerability | WP Swings | Upsell Order Bump Offer for WooCommerce | Medium | 6.5 | 2025-09-22 18:26:01 | Deep Dive |
| CVE-2024-25011 | Ericsson Catalog Manager and Ericsson Order Care - Exposure of Sensitive Information Vulnerability | Ericsson | Ericsson Catalog Manager | Medium | 5.3 | 2025-09-18 11:38:18 | Deep Dive |
| CVE-2025-58599 | WordPress Order Delivery Date for WooCommerce Plugin <= 4.1.0 - Broken Access Control Vulnerability | tychesoftwares | Order Delivery Date for WooCommerce | Medium | 4.3 | 2025-09-03 14:36:39 | Deep Dive |
| CVE-2025-58598 | WordPress Klarna Order Management for WooCommerce Plugin <= 1.9.8 - Sensitive Data Exposure Vulnerability | Klarna | Klarna Order Management for WooCommerce | Medium | 6.6 | 2025-09-03 14:36:38 | Deep Dive |
| CVE-2024-32589 | WordPress Barcode Scanner and Inventory manager plugin <= 1.5.3 - Broken Access Control to XSS vulnerability | Dmitry V. (CEO of "UKR Solution") | Barcode Scanner with Inventory & Order Manager | High | 7.1 | 2025-08-31 03:46:57 | Deep Dive |
| CVE-2025-6025 | Order Tip for WooCommerce <= 1.5.4 - Unauthenticated Tip Manipulation to Negative Value Leading to Unauthorized Discounts | railmedia | Order Tip for WooCommerce | High | 7.5 | 2025-08-15 02:24:23 | Deep Dive |
| CVE-2025-54715 | WordPress Barcode Scanner with Inventory & Order Manager Plugin <= 1.9.0 - Arbitrary File Download Vulnerability | Dmitry V. (CEO of "UKR Solution") | Barcode Scanner with Inventory & Order Manager | Medium | 4.9 | 2025-08-14 18:21:46 | Deep Dive |
| CVE-2025-2942 | Order Delivery Date Pro for WooCommerce < 12.6.0 - Unauthenticated Arbitrary Post Title Disclosure | Unknown | Order Delivery Date | - | - | 2025-07-11 06:00:02 | Deep Dive |
| CVE-2025-53271 | WordPress Additional Order Filters for WooCommerce plugin <= 1.22 - Cross Site Request Forgery (CSRF) to Stored XSS Vulnerability | Anton Bond | Additional Order Filters for WooCommerce | High | 7.1 | 2025-06-27 13:21:14 | Deep Dive |
| CVE-2025-6124 | code-projects Restaurant Order System tablelow.php sql injection | code-projects | Restaurant Order System | High | 7.3 | 2025-06-16 13:31:05 | Deep Dive |
| CVE-2025-6123 | code-projects Restaurant Order System payment.php sql injection | code-projects | Restaurant Order System | High | 7.3 | 2025-06-16 13:00:08 | Deep Dive |
| CVE-2025-6122 | code-projects Restaurant Order System table.php sql injection | code-projects | Restaurant Order System | Medium | 6.3 | 2025-06-16 12:31:06 | Deep Dive |
| CVE-2025-5980 | code-projects Restaurant Order System order.php sql injection | code-projects | Restaurant Order System | High | 7.3 | 2025-06-10 21:00:12 | Deep Dive |
| CVE-2025-29013 | WordPress Custom Category/Post Type Post order plugin <= 1.6.0 - Broken Access Control Vulnerability | faaiq | Custom Category/Post Type Post order | Medium | 5.4 | 2025-06-06 12:54:25 | Deep Dive |
| CVE-2025-31056 | WordPress WhatsCart plugin <= 1.1.0 - SQL Injection vulnerability | Techspawn | WhatsCart - Whatsapp Abandoned Cart Recovery, Order Notifications, Chat Box, OTP for WooCommerce | Critical | 9.3 | 2025-05-23 12:44:09 | Deep Dive |
| CVE-2025-2929 | Order Delivery Date Pro for WooCommerce < 12.4.0 - Reflected XSS | Unknown | Order Delivery Date | - | - | 2025-05-20 06:00:06 | Deep Dive |
| CVE-2025-47682 | WordPress SMS Alert Order Notifications – WooCommerce plugin <= 3.8.1 - SQL Injection Vulnerability | Cozy Vision | SMS Alert Order Notifications | - | - | 2025-05-12 18:19:44 | Deep Dive |
| CVE-2025-3876 | SMS Alert Order Notifications – WooCommerce <= 3.8.1 - Authenticated (Subscriber+) Privilege Escalation via handleWpLoginCreateUserAction Function | cozyvision1 | SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery | High | 8.8 | 2025-05-10 11:22:46 | Deep Dive |
| CVE-2025-3878 | SMS Alert Order Notifications – WooCommerce <= 3.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via sa_verify Shortcode | cozyvision1 | SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery | Medium | 6.4 | 2025-05-10 11:22:46 | Deep Dive |