Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 513 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-11691 PPOM – Product Addons & Custom Fields for WooCommerce <= 33.0.15 - Unauthenticated SQL Injection themeislePPOM – Product Addons & Custom Fields for WooCommerce High 7.5 2025-10-18 06:42:49 Deep Dive
CVE-2025-11391 PPOM – Product Addons & Custom Fields for WooCommerce <= 33.0.15 - Unauthenticated Arbitrary File Upload themeislePPOM – Product Addons & Custom Fields for WooCommerce Critical 9.8 2025-10-18 06:42:48 Deep Dive
CVE-2025-24525 Keysight Ixia Vision Product Family Use of Hard-coded Cryptographic Key KeysightIxia Vision Product Family High 7.5 2025-09-30 23:04:15 Deep Dive
CVE-2025-10412 Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) <= 4.9.55 - Unauthenticated Arbitrary File Upload via 'uni_cpo_upload_file' MooMooProduct Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) Critical 9.8 2025-09-23 09:25:57 Deep Dive
CVE-2025-58992 WordPress Product Catalog Simple Plugin <= 1.8.2 - Cross Site Scripting (XSS) Vulnerability impleCodeProduct Catalog Simple Medium 6.5 2025-09-22 18:26:08 Deep Dive
CVE-2025-57908 WordPress Product Time Countdown for WooCommerce plugin <= 1.6.5 - Cross Site Scripting (XSS) vulnerability ProWCPluginsProduct Time Countdown for WooCommerce Medium 5.9 2025-09-22 18:25:22 Deep Dive
CVE-2025-57917 WordPress Printcart Web to Print Product Designer for WooCommerce plugin <= 2.4.8 - Broken Access Control vulnerability printcartPrintcart Web to Print Product Designer for WooCommerce Medium 4.3 2025-09-22 18:25:16 Deep Dive
CVE-2025-8411 XSS in Dokuzsoft Technology's E-Commerce Web Design Product Dokuzsoft TechnologyE-Commerce Web Design Product High 7.1 2025-09-17 11:17:58 Deep Dive
CVE-2025-58977 WordPress WP eBay Product Feeds Plugin <= 3.4.8 - Server Side Request Forgery (SSRF) Vulnerability Rhys WynneWP eBay Product Feeds Medium 4.9 2025-09-09 16:33:19 Deep Dive
CVE-2025-58985 WordPress Additional Custom Product Tabs for WooCommerce Plugin <= 1.7.3 - Cross Site Scripting (XSS) Vulnerability WPFactoryAdditional Custom Product Tabs for WooCommerce Medium 6.5 2025-09-09 16:33:13 Deep Dive
CVE-2025-10046 ELEX WooCommerce Google Shopping (Google Product Feed) <= 1.4.3 - Authenticated (Admin+) SQL Inejction elextensionsELEX WooCommerce Google Shopping (Google Product Feed) Medium 4.9 2025-09-06 06:43:00 Deep Dive
CVE-2025-58878 WordPress Woocommerce Gifts Product Plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability usamafarooqWoocommerce Gifts Product Medium 6.5 2025-09-05 13:45:50 Deep Dive
CVE-2025-58856 WordPress Woocommerce Notify Updated Product Plugin <= 1.6 - Cross Site Request Forgery (CSRF) Vulnerability ablancodevWoocommerce Notify Updated Product Medium 6.5 2025-09-05 13:45:38 Deep Dive
CVE-2025-58816 WordPress Product Carousel Slider for Elementor Plugin <= 2.1.3 - Broken Access Control Vulnerability Plugin DevsProduct Carousel Slider for Elementor Low 3.5 2025-09-05 13:45:16 Deep Dive
CVE-2025-58786 WordPress Ibtana – Ecommerce Product Addons plugin <= 0.4.7.6 - Cross Site Scripting (XSS) vulnerability VW THEMESIbtana – Ecommerce Product Addons Medium 6.5 2025-09-05 13:44:56 Deep Dive
CVE-2025-9761 Campcodes Online Feeds Product Inventory System Login index.php sql injection CampcodesOnline Feeds Product Inventory System High 7.3 2025-09-01 04:32:07 Deep Dive
CVE-2025-39496 WordPress WooBeWoo Product Filter Pro plugin < 2.9.6 - SQL Injection vulnerability WBWWooBeWoo Product Filter Pro Critical 9.3 2025-08-28 11:41:44 Deep Dive
CVE-2025-6255 Dynamic AJAX Product Filters for WooCommerce <= 1.3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via className Parameter plugincyDynamic AJAX Product Filters for WooCommerce Medium 6.4 2025-08-28 06:42:36 Deep Dive
CVE-2025-8073 Dynamic AJAX Product Filters for WooCommerce <= 1.3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via name Parameter plugincyDynamic AJAX Product Filters for WooCommerce Medium 6.4 2025-08-28 06:42:35 Deep Dive
CVE-2025-7827 Ni WooCommerce Customer Product Report <= 1.2.4 - Missing Authorization to Authenticated (Subscriber+) Settings Update anziaNi WooCommerce Customer Product Report Medium 4.3 2025-08-23 04:25:46 Deep Dive