| CVE-2023-32745 | WordPress AutomateWoo Plugin <= 5.7.1 is vulnerable to Cross Site Request Forgery (CSRF) | WooCommerce | AutomateWoo | Medium | 5.4 | 2023-11-09 20:38:31 | Deep Dive |
| CVE-2023-32794 | WordPress WooCommerce Product Add-ons Plugin <= 6.1.3 is vulnerable to Cross Site Request Forgery (CSRF) | WooCommerce | Product Add-Ons | Medium | 5.4 | 2023-11-09 20:35:33 | Deep Dive |
| CVE-2023-34386 | WordPress WPC Smart Wishlist for WooCommerce Plugin <= 4.7.1 is vulnerable to Cross Site Request Forgery (CSRF) | WPClever | WPC Smart Wishlist for WooCommerce | Medium | 4.3 | 2023-11-09 18:00:48 | Deep Dive |
| CVE-2022-47181 | WordPress Email Templates Plugin <= 1.4.2 is vulnerable to Cross Site Request Forgery (CSRF) | wpexpertsio | Email Templates Customizer and Designer for WordPress and WooCommerce | Medium | 4.3 | 2023-11-07 17:23:38 | Deep Dive |
| CVE-2022-45810 | WordPress Email Subscribers & Newsletters Plugin <= 5.5.2 is vulnerable to CSV Injection | Icegram | Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce | Medium | 4.7 | 2023-11-07 16:50:04 | Deep Dive |
| CVE-2022-46809 | WordPress ReviewX Plugin <= 1.6.7 is vulnerable to CSV Injection | WPDeveloper | ReviewX – Multi-criteria Rating & Reviews for WooCommerce | Medium | 6.1 | 2023-11-07 16:37:51 | Deep Dive |
| CVE-2022-46802 | WordPress Product Reviews Import Export for WooCommerce Plugin <= 1.4.8 is vulnerable to CSV Injection | WebToffee | Product Reviews Import Export for WooCommerce | Medium | 6.1 | 2023-11-07 16:07:32 | Deep Dive |
| CVE-2023-5703 | Gift Up Gift Cards for WordPress and WooCommerce <= 2.20.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | koanleeroy | Gift Up Gift Cards for WordPress and WooCommerce | Medium | 6.4 | 2023-11-07 11:31:07 | Deep Dive |
| CVE-2023-5601 | WooCommerce Ninja Forms Product Add-ons < 1.7.1 - Unauthenticated Arbitrary File Upload | Unknown | WooCommerce Ninja Forms Product Add-ons | 高危 | - | 2023-11-06 20:41:49 | Deep Dive |
| CVE-2023-47186 | WordPress Kadence WooCommerce Email Designer Plugin <= 1.5.11 is vulnerable to Cross Site Request Forgery (CSRF) | Kadence WP | Kadence WooCommerce Email Designer | Medium | 4.3 | 2023-11-06 11:25:24 | Deep Dive |
| CVE-2023-46822 | WordPress WooCommerce – Store Exporter Plugin <= 2.7.2 is vulnerable to Cross Site Scripting (XSS) | Visser Labs | Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More | High | 7.1 | 2023-11-06 09:30:18 | Deep Dive |
| CVE-2023-46783 | WordPress Pre-Orders for WooCommerce Plugin <= 1.2.13 is vulnerable to Cross Site Scripting (XSS) | Bright Plugins | Pre-Orders for WooCommerce | 中危 | - | 2023-11-06 09:26:18 | Deep Dive |
| CVE-2023-41685 | WordPress Woocommerce Support System Plugin <= 1.2.1 is vulnerable to SQL Injection | ilGhera | Woocommerce Support System | High | 7.6 | 2023-11-06 08:17:56 | Deep Dive |
| CVE-2023-35879 | WordPress WooCommerce Product Vendors Plugin <= 2.1.78 is vulnerable to SQL Injection | WooCommerce | Product Vendors | High | 7.6 | 2023-10-31 14:20:23 | Deep Dive |
| CVE-2023-46094 | WordPress Conversios.io Plugin <= 6.5.3 is vulnerable to Cross Site Scripting (XSS) | Conversios | Track Google Analytics 4, Facebook Pixel & Conversions API via Google Tag Manager for WooCommerce | High | 7.1 | 2023-10-26 12:18:46 | Deep Dive |
| CVE-2023-46076 | WordPress WooCommerce PDF Invoice Builder Plugin <= 1.2.102 is vulnerable to Cross Site Scripting (XSS) | RedNao | WooCommerce PDF Invoice Builder, Create invoices, packing slips and more | High | 7.1 | 2023-10-26 12:05:36 | Deep Dive |
| CVE-2023-30492 | WordPress Minimum Purchase for WooCommerce Plugin <= 2.0.0.1 is vulnerable to Cross Site Scripting (XSS) | Vark | Minimum Purchase for WooCommerce | Medium | 6.5 | 2023-10-26 11:58:33 | Deep Dive |
| CVE-2023-4941 | BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation | realmag777 | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | Medium | 4.3 | 2023-10-20 07:29:29 | Deep Dive |
| CVE-2023-4926 | BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Deletion | realmag777 | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | Medium | 5.4 | 2023-10-20 07:29:27 | Deep Dive |
| CVE-2023-4796 | Booster for WooCommerce <= 7.1.0 - Authenticated (Subscriber+) Information Disclosure via Shortcode | pluggabl | Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools | Medium | 4.3 | 2023-10-20 07:29:26 | Deep Dive |