| CVE-2023-49855 | WordPress BC Menu Bar Cart Icon For WooCommerce By Binary Carpenter Plugin <= 1.49.3 is vulnerable to Cross Site Request Forgery (CSRF) | BinaryCarpenter | Menu Bar Cart Icon For WooCommerce By Binary Carpenter | Medium | 6.5 | 2023-12-18 10:18:11 | Deep Dive |
| CVE-2023-49834 | WordPress WOOCS – WooCommerce Currency Switcher Plugin <= 1.4.1.4 is vulnerable to Cross Site Request Forgery (CSRF) | realmag777 | FOX – Currency Switcher Professional for WooCommerce | Medium | 5.4 | 2023-12-17 10:38:49 | Deep Dive |
| CVE-2023-49744 | WordPress Gift Up Gift Cards for WordPress and WooCommerce Plugin <= 2.21.3 is vulnerable to Cross Site Request Forgery (CSRF) | Gift Up | Gift Up Gift Cards for WordPress and WooCommerce | Medium | 5.4 | 2023-12-15 15:42:16 | Deep Dive |
| CVE-2023-49185 | WordPress Doofinder for WooCommerce Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS) | Doofinder | Doofinder WP & WooCommerce Search | High | 7.1 | 2023-12-15 14:59:28 | Deep Dive |
| CVE-2023-49181 | WordPress WP Event Manager Plugin <= 3.1.40 is vulnerable to Cross Site Scripting (XSS) | WP Event Manager | WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce | Medium | 5.9 | 2023-12-15 14:49:52 | Deep Dive |
| CVE-2023-49827 | WordPress Soledad Theme <= 8.4.1 is vulnerable to Cross Site Scripting (XSS) | PenciDesign | Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme | High | 7.1 | 2023-12-14 14:32:12 | Deep Dive |
| CVE-2023-50369 | WordPress Alma – Pay in installments or later for WooCommerce Plugin <= 5.1.3 is vulnerable to Cross Site Scripting (XSS) | Alma | Alma – Pay in installments or later for WooCommerce | Medium | 6.5 | 2023-12-14 13:50:39 | Deep Dive |
| CVE-2023-37972 | WordPress WooCommerce Product Stock Alert Plugin <= 2.0.1 is vulnerable to Sensitive Data Exposure | MultiVendorX | Product Stock Manager & Notifier for WooCommerce | Medium | 5.3 | 2023-11-30 15:07:39 | Deep Dive |
| CVE-2023-48333 | WordPress Booster for WooCommerce Plugin <= 7.1.1 is vulnerable to Sensitive Data Exposure | Pluggabl LLC | Booster for WooCommerce | Medium | 6.5 | 2023-11-30 14:17:29 | Deep Dive |
| CVE-2023-48742 | WordPress License Manager for WooCommerce Plugin <= 2.2.10 is vulnerable to SQL Injection | LicenseManager | License Manager for WooCommerce | High | 7.6 | 2023-11-30 14:07:10 | Deep Dive |
| CVE-2023-48284 | WordPress Decorator – WooCommerce Email Customizer Plugin <= 1.2.7 is vulnerable to Cross Site Request Forgery (CSRF) | WebToffee | Decorator – WooCommerce Email Customizer | Medium | 4.3 | 2023-11-30 13:01:43 | Deep Dive |
| CVE-2023-47777 | WordPress WooCommerce and WooCommerce Blocks plugins - Auth. Cross-Site Scripting (XSS) vulnerability | Automattic | WooCommerce | Medium | 6.5 | 2023-11-30 11:56:54 | Deep Dive |
| CVE-2023-5325 | Woocommerce Vietnam Checkout < 2.0.6 - Unauthenticated Stored XSS | Unknown | Woocommerce Vietnam Checkout | 高危 | - | 2023-11-27 16:22:03 | Deep Dive |
| CVE-2023-47244 | WordPress Email Marketing for WooCommerce by Omnisend Plugin <= 1.13.8 is vulnerable to Sensitive Data Exposure | Omnisend | Email Marketing for WooCommerce by Omnisend | Medium | 5.3 | 2023-11-23 20:30:57 | Deep Dive |
| CVE-2023-40002 | WordPress Booster for WooCommerce Plugin <= 7.1.1 is vulnerable to Sensitive Data Exposure | Pluggabl LLC | Booster for WooCommerce | Medium | 6.5 | 2023-11-22 23:57:38 | Deep Dive |
| CVE-2023-47755 | WordPress WooCommerce Product Carousel Slider Plugin <= 3.3.5 is vulnerable to Cross Site Scripting (XSS) | AazzTech | WooCommerce Product Carousel Slider | Medium | 6.5 | 2023-11-22 18:07:36 | Deep Dive |
| CVE-2023-5234 | Related Products for WooCommerce <= 3.3.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | peachpay | Related Products for WooCommerce | Medium | 6.4 | 2023-11-22 15:33:33 | Deep Dive |
| CVE-2023-2841 | Advanced Local Pickup for WooCommerce <= 1.5.5 - Authenticated (Administrator+) SQL Injection | zorem | Zorem Local Pickup | High | 7.2 | 2023-11-22 15:33:20 | Deep Dive |
| CVE-2023-47519 | WordPress WooCommerce Product Table Lite Plugin <= 2.6.2 is vulnerable to Cross Site Request Forgery (CSRF) | WC Product Table | WooCommerce Product Table Lite | Medium | 4.3 | 2023-11-18 22:01:12 | Deep Dive |
| CVE-2023-32796 | WordPress WooCommerce Product Enquiry Plugin <= 2.3.4 is vulnerable to Cross Site Scripting (XSS) | MingoCommerce | WooCommerce Product Enquiry | High | 7.1 | 2023-11-16 19:57:09 | Deep Dive |