| CVE-2023-40559 | WordPress WooCommerce Dynamic Pricing and Discount Rules Plugin <= 2.4.0 is vulnerable to Cross Site Request Forgery (CSRF) | theDotstore | Dynamic Pricing and Discount Rules for WooCommerce | Medium | 4.3 | 2023-10-04 14:11:09 | Deep Dive |
| CVE-2023-40561 | Enhanced Ecommerce Google Analytics for WooCommerce | theDotstore | Enhanced Ecommerce Google Analytics for WooCommerce | Medium | 5.4 | 2023-10-04 13:55:25 | Deep Dive |
| CVE-2023-25788 | WordPress Saphali Woocommerce Lite Plugin <= 1.8.13 is vulnerable to Cross Site Request Forgery (CSRF) | Saphali | Saphali Woocommerce Lite | Medium | 6.3 | 2023-10-04 10:30:56 | Deep Dive |
| CVE-2023-39158 | WordPress Woocommerce Category Banner Management Plugin <= 2.4.2 is vulnerable to Cross Site Request Forgery (CSRF) | theDotstore | Banner Management For WooCommerce | Medium | 4.3 | 2023-10-03 13:20:37 | Deep Dive |
| CVE-2023-39159 | WordPress Fraud Prevention For Woocommerce Plugin <= 2.1.5 is vulnerable to Cross Site Request Forgery (CSRF) | theDotstore | Fraud Prevention For Woocommerce | Medium | 4.3 | 2023-10-03 12:39:48 | Deep Dive |
| CVE-2023-40212 | WordPress WooCommerce Product Attachment Plugin <= 2.1.8 is vulnerable to Cross Site Request Forgery (CSRF) | theDotstore | Product Attachment for WooCommerce | Medium | 4.3 | 2023-10-03 12:36:45 | Deep Dive |
| CVE-2023-44144 | WordPress Dreamfox Media Payment gateway per Product for Woocommerce Plugin <= 3.2.7 is vulnerable to Cross Site Scripting (XSS) | Dreamfox | Payment gateway per Product for WooCommerce | High | 7.1 | 2023-10-02 09:43:01 | Deep Dive |
| CVE-2023-41691 | WordPress WooCommerce PensoPay Plugin <= 6.3.1 is vulnerable to Cross Site Scripting (XSS) | Pensopay | WooCommerce PensoPay | High | 7.1 | 2023-09-29 13:56:01 | Deep Dive |
| CVE-2023-5230 | TM WooCommerce Compare & Wishlist <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | templatemonster-2002 | TM WooCommerce Compare & Wishlist | Medium | 6.4 | 2023-09-28 04:31:35 | Deep Dive |
| CVE-2023-4423 | WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce <= 3.1.37.1 - Authenticated (Admin+) Stored Cross-Site Scripting | wpeventmanager | WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce | Medium | 4.4 | 2023-09-27 03:03:01 | Deep Dive |
| CVE-2023-3547 | All in One B2B for WooCommerce <= 1.0.3 - Multiple CSRF | Unknown | All in One B2B for WooCommerce | 高危 | - | 2023-09-25 15:56:56 | Deep Dive |
| CVE-2023-41874 | WordPress Order Delivery Date for WooCommerce Plugin <= 3.20.0 is vulnerable to Cross Site Scripting (XSS) | Tyche Softwares | Order Delivery Date for WooCommerce | High | 7.1 | 2023-09-25 00:43:00 | Deep Dive |
| CVE-2023-4376 | Serial Codes Generator and Validator with WooCommerce Support < 2.4.15 - Admin+ Stored XSS | Unknown | Serial Codes Generator and Validator with WooCommerce Support | 中危 | - | 2023-09-19 19:06:03 | Deep Dive |
| CVE-2023-4948 | WooCommerce CVR Payment Gateway < 6.1.0 - Missing Authorization to Authenticated (Contributor+) CVR Update | Yan&Co | WooCommerce CVR Payment Gateway | Medium | 4.3 | 2023-09-14 03:24:08 | Deep Dive |
| CVE-2023-4945 | Booster for WooCommerce <= 7.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | pluggabl | Booster for WooCommerce – PDF Invoices, Abandoned Cart, Variation Swatches & 100+ Tools | Medium | 6.4 | 2023-09-14 02:29:51 | Deep Dive |
| CVE-2023-4216 | Orders Tracking for WooCommerce < 1.2.6 - Admin+ Arbitrary File Access/Read | Unknown | Orders Tracking for WooCommerce | 低危 | - | 2023-09-04 11:27:03 | Deep Dive |
| CVE-2023-32296 | WordPress Kangu para WooCommerce Plugin <= 2.2.9 is vulnerable to Cross Site Scripting (XSS) | Kangu | Kangu para WooCommerce | High | 7.1 | 2023-09-04 11:12:07 | Deep Dive |
| CVE-2023-39162 | WordPress User Email Verification for WooCommerce Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS) | XLPlugins | User Email Verification for WooCommerce | High | 7.1 | 2023-09-04 09:46:44 | Deep Dive |
| CVE-2023-3764 | WooCommerce PDF Invoice Builder <= 1.2.90 - Cross-Site Request Forgery via Save | edgarrojas | PDF Builder for WooCommerce. Create invoices,packing slips and more | Medium | 4.3 | 2023-08-31 05:33:14 | Deep Dive |
| CVE-2023-4160 | WooCommerce PDF Invoice Builder <= 1.2.90 - Authenticated (Administrator+) Cross-Site Scripting | edgarrojas | PDF Builder for WooCommerce. Create invoices,packing slips and more | Medium | 4.4 | 2023-08-31 05:33:10 | Deep Dive |