| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-4923 | BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Deletion | realmag777 | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | Medium | 5.4 | 2023-10-20 07:29:22 | Deep Dive |
| CVE-2023-4924 | BEAR <= 1.1.3.3 - Missing Authorization to Product Deletion | realmag777 | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | Medium | 5.4 | 2023-10-20 07:29:22 | Deep Dive |
| CVE-2023-4935 | BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Profile Creation | realmag777 | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | Medium | 4.3 | 2023-10-20 06:35:28 | Deep Dive |
| CVE-2021-4353 | WooCommerce Dynamic Pricing and Discounts <= 2.4.1 - Unauthenticated Settings Import/Export | RightPress | WooCommerce Dynamic Pricing and Discounts | Medium | 5.3 | 2023-10-20 06:35:25 | Deep Dive |
| CVE-2023-4920 | BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting | realmag777 | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | Medium | 4.3 | 2023-10-20 06:35:23 | Deep Dive |
| CVE-2023-5414 | Icegram Express <= 5.6.23 - Authenticated (Administrator+) Directory Traversal to Arbitrary File Read | icegram | Email Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress | Critical | 9.1 | 2023-10-20 06:35:20 | Deep Dive |
| CVE-2023-4937 | BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation | realmag777 | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | Medium | 4.3 | 2023-10-20 06:35:19 | Deep Dive |
| CVE-2023-4940 | BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation | realmag777 | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | Medium | 4.3 | 2023-10-20 06:35:16 | Deep Dive |
| CVE-2023-4943 | BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation | realmag777 | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | Medium | 4.3 | 2023-10-20 06:35:14 | Deep Dive |
| CVE-2023-4947 | WooCommerce EAN Payment Gateway < 6.1.0 - Missing Authorization to Authenticated (Contributor+) EAN Update | Yan&Co | WooCommerce EAN Payment Gateway | Medium | 4.3 | 2023-10-20 06:35:13 | Deep Dive |
| CVE-2023-4942 | BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation | realmag777 | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | Medium | 4.3 | 2023-10-20 06:35:12 | Deep Dive |
| CVE-2023-5638 | Booster for WooCommerce <= 7.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | pluggabl | Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools | Medium | 6.4 | 2023-10-19 01:53:51 | Deep Dive |
| CVE-2023-45072 | WordPress Order auto complete for WooCommerce Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS) | Kardi | Order auto complete for WooCommerce | Medium | 5.9 | 2023-10-18 12:43:01 | Deep Dive |
| CVE-2023-4938 | BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation | realmag777 | BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net | Medium | 4.3 | 2023-10-18 07:31:17 | Deep Dive |
| CVE-2023-45006 | WordPress WooODT Lite Plugin <= 2.4.6 is vulnerable to Cross Site Scripting (XSS) | ByConsole | WooODT Lite – WooCommerce Order Delivery or Pickup with Date Time Location | High | 7.1 | 2023-10-17 11:24:12 | Deep Dive |
| CVE-2023-4821 | Drag and Drop Multiple File Upload < 1.1.1 - Unauthenticated Stored Cross-Site Scripting | Unknown | Drag and Drop Multiple File Upload for WooCommerce | 中危 | - | 2023-10-16 19:39:24 | Deep Dive |
| CVE-2023-44986 | WordPress Abandoned Cart Lite for WooCommerce Plugin <= 5.15.2 is vulnerable to Cross Site Scripting (XSS) | Tyche Softwares | Abandoned Cart Lite for WooCommerce | Medium | 5.9 | 2023-10-16 10:50:01 | Deep Dive |
| CVE-2023-45638 | WordPress Eupago Gateway For Woocommerce Plugin <= 3.1.9 is vulnerable to Cross Site Request Forgery (CSRF) | euPago | Eupago Gateway For Woocommerce | Medium | 6.5 | 2023-10-16 08:59:06 | Deep Dive |
| CVE-2023-44995 | WordPress WooCommerce Login Redirect Plugin <= 2.2.4 is vulnerable to Cross Site Request Forgery (CSRF) | WP Doctor | WooCommerce Login Redirect | Medium | 5.4 | 2023-10-10 15:46:49 | Deep Dive |
| CVE-2023-44260 | WordPress Woocommerce ESTO Plugin <= 2.23.1 is vulnerable to Cross Site Request Forgery (CSRF) | Mikk Mihkel Nurges, Rebing OÜ | Woocommerce ESTO | Medium | 4.3 | 2023-10-09 08:35:07 | Deep Dive |