| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-3162 | Stripe Payment Plugin for WooCommerce <= 3.7.7 - Authentication Bypass | themehigh | Payment Gateway of Stripe for WooCommerce | Critical | 9.8 | 2023-08-31 05:33:07 | Deep Dive |
| CVE-2023-3677 | WooCommerce PDF Invoice Builder <= 1.2.89 - Authenticated (Subscriber+) SQL Injection via Export | edgarrojas | PDF Builder for WooCommerce. Create invoices,packing slips and more | High | 8.8 | 2023-08-31 05:33:07 | Deep Dive |
| CVE-2023-4161 | WooCommerce PDF Invoice Builder <= 1.2.90 - Cross-Site Request Forgery to Custom Field Creation | edgarrojas | PDF Builder for WooCommerce. Create invoices,packing slips and more | Medium | 4.3 | 2023-08-31 05:33:06 | Deep Dive |
| CVE-2023-4245 | WooCommerce PDF Invoice Builder <= 1.2.89 - Missing Authorization to Sensitive Information Exposure | edgarrojas | PDF Builder for WooCommerce. Create invoices,packing slips and more | Medium | 4.3 | 2023-08-31 05:33:04 | Deep Dive |
| CVE-2023-28415 | WordPress Side Cart Woocommerce (Ajax) Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS) | XootiX | Side Cart Woocommerce (Ajax) | Medium | 5.9 | 2023-08-30 15:31:01 | Deep Dive |
| CVE-2023-34004 | WordPress WooCommerce Box Office Plugin <= 1.1.50 is vulnerable to Cross Site Scripting (XSS) | WooCommerce | WooCommerce Box Office | Medium | 6.5 | 2023-08-30 14:56:06 | Deep Dive |
| CVE-2023-34184 | WordPress Woocommerce Order address Print Plugin <= 3.2 is vulnerable to Cross Site Scripting (XSS) | Bhavik Patel | Woocommerce Order address Print | High | 7.1 | 2023-08-30 13:28:58 | Deep Dive |
| CVE-2023-33317 | WordPress WooCommerce Warranty Requests Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS) | WooCommerce | Returns and Warranty Requests | High | 7.1 | 2023-08-30 12:29:05 | Deep Dive |
| CVE-2023-32962 | WordPress WishSuite Plugin <= 1.3.4 is vulnerable to Cross Site Scripting (XSS) | HasTheme | WishSuite – Wishlist for WooCommerce | Medium | 5.9 | 2023-08-30 11:56:06 | Deep Dive |
| CVE-2023-32746 | WordPress WooCommerce Brands Plugin <= 1.6.45 is vulnerable to Cross Site Scripting (XSS) | WooCommerce | WooCommerce Brands | Medium | 6.5 | 2023-08-30 11:39:25 | Deep Dive |
| CVE-2023-32793 | WordPress WooCommerce Pre-Orders Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS) | WooCommerce | WooCommerce Pre-Orders | Medium | 6.5 | 2023-08-30 11:34:55 | Deep Dive |
| CVE-2023-32802 | WordPress WooCommerce Pre-Orders Plugin <= 1.9.0 is vulnerable to Cross Site Scripting (XSS) | WooCommerce | WooCommerce Pre-Orders | High | 7.1 | 2023-08-30 11:29:34 | Deep Dive |
| CVE-2023-32801 | WordPress WooCommerce Composite Products Plugin <= 8.7.5 is vulnerable to Cross Site Scripting (XSS) | WooCommerce | Composite Products | High | 7.1 | 2023-08-30 11:25:13 | Deep Dive |
| CVE-2023-32575 | WordPress Product page shipping calculator for WooCommerce Plugin <= 1.3.25 is vulnerable to Cross Site Scripting (XSS) | PI Websolution | Product page shipping calculator for WooCommerce | Medium | 5.9 | 2023-08-25 10:28:39 | Deep Dive |
| CVE-2023-3366 | MultiParcels Shipping For WooCommerce < 1.15.2 - Arbitrary Shipment Deletion via CSRF | Unknown | MultiParcels Shipping For WooCommerce | 中危 | - | 2023-08-21 12:29:50 | Deep Dive |
| CVE-2023-3954 | MultiParcels Shipping For WooCommerce 1.15.2-1.15.3 - Reflected XSS | Unknown | MultiParcels Shipping For WooCommerce | 中危 | - | 2023-08-21 12:29:49 | Deep Dive |
| CVE-2023-31094 | WordPress Stock Sync for WooCommerce Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS) | Lauri Karisola / WP Trio | Stock Sync for WooCommerce | High | 7.1 | 2023-08-18 12:50:58 | Deep Dive |
| CVE-2023-4040 | WordPress plugin Stripe Payment Plugin for WooCommerce 安全漏洞 | webtoffee | Stripe Payment Plugin for WooCommerce | Medium | 5.3 | 2023-08-18 06:46:51 | Deep Dive |
| CVE-2023-28783 | WordPress Woocommerce Tip/Donation Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS) | PHPRADAR | Woocommerce Tip/Donation | Medium | 5.9 | 2023-08-17 14:50:27 | Deep Dive |
| CVE-2023-30871 | WordPress Stock Exporter for WooCommerce Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS) | PT Woo Plugins (by Webdados) | Stock Exporter for WooCommerce | High | 7.1 | 2023-08-16 10:10:28 | Deep Dive |