| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-1839 | Product Addons & Fields for WooCommerce < 32.0.6 - Admin+ Stored Cross-Site Scripting | Unknown | Product Addons & Fields for WooCommerce | 中危 | - | 2023-05-15 12:15:46 | Deep Dive |
| CVE-2023-2179 | WooCommerce Order Status Change Notifier <= 1.1.0 - Subscriber+ Arbitrary Order Status Update | Unknown | WooCommerce Order Status Change Notifier | 中危 | - | 2023-05-15 12:15:36 | Deep Dive |
| CVE-2022-46858 | WordPress Product Specifications for Woocommerce Plugin <= 0.6.0 is vulnerable to Cross Site Scripting (XSS) | Amin A.Rezapour | Product Specifications for Woocommerce | High | 7.1 | 2023-05-09 11:40:30 | Deep Dive |
| CVE-2022-46864 | WordPress Woocommerce Custom Checkout Fields Editor With Drag & Drop Plugin <= 0.1 is vulnerable to Cross Site Scripting (XSS) | Umair Saleem | Woocommerce Custom Checkout Fields Editor With Drag & Drop | High | 7.1 | 2023-05-09 11:33:38 | Deep Dive |
| CVE-2022-46822 | WordPress WooCommerce JazzCash Gateway Plugin Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS) | JC Development Team | WooCommerce JazzCash Gateway Plugin | High | 7.1 | 2023-05-09 11:12:09 | Deep Dive |
| CVE-2023-22710 | WordPress Return and Warranty Management System for WooCommerce Plugin <= 1.2.3 is vulnerable to Cross Site Scripting (XSS) | chilidevs | Return and Warranty Management System for WooCommerce | High | 7.1 | 2023-05-08 22:05:03 | Deep Dive |
| CVE-2023-0537 | Product Slider For WooCommerce Lite <= 1.1.7 - Contributor+ Stored XSS | Unknown | Product Slider For WooCommerce Lite | 中危 | - | 2023-05-08 13:58:23 | Deep Dive |
| CVE-2022-4118 | Bitcoin / AltCoin Payment Gateway <= 1.7.1 - Unauthenticated SQLi | Unknown | Bitcoin / AltCoin Payment Gateway for WooCommerce & Multivendor store / shop | 超危 | - | 2023-05-08 13:58:20 | Deep Dive |
| CVE-2023-0948 | Japanized For WooCommerce < 2.5.8 - Reflected XSS | Unknown | Japanized For WooCommerce | 中危 | - | 2023-05-08 13:58:04 | Deep Dive |
| CVE-2022-47449 | WordPress Cart Lift – Abandoned Cart Recovery for WooCommerce and EDD Plugin <= 3.1.5 is vulnerable to Cross Site Scripting (XSS) | RexTheme | Cart Lift – Abandoned Cart Recovery for WooCommerce and EDD | High | 7.1 | 2023-05-04 20:18:34 | Deep Dive |
| CVE-2023-28121 | WordPress plugin WooCommerce Payments 授权问题漏洞 | - | WooCommerce Payments WordPress Plugin | 超危 | - | 2023-04-12 00:00:00 | Deep Dive |
| CVE-2023-29170 | WordPress Product Enquiry for WooCommerce Plugin <= 2.2.12 is vulnerable to Cross Site Scripting (XSS) | PI Websolution | Product Enquiry for WooCommerce, WooCommerce product catalog | Medium | 5.9 | 2023-04-07 14:35:55 | Deep Dive |
| CVE-2023-29094 | WordPress Product page shipping calculator for WooCommerce Plugin <= 1.3.20 is vulnerable to Cross Site Scripting (XSS) | PI Websolution | Product page shipping calculator for WooCommerce | Medium | 5.9 | 2023-04-07 12:59:30 | Deep Dive |
| CVE-2022-46793 | WordPress Product Feed PRO for WooCommerce Plugin <= 12.4.4 is vulnerable to Cross Site Request Forgery (CSRF) | AdTribes.io | Product Feed PRO for WooCommerce | Medium | 5.4 | 2023-04-06 12:44:09 | Deep Dive |
| CVE-2022-4941 | WCFM Membership <= 2.9.10 - Cross-Site Request Forgery | wclovers | WCFM Membership – WooCommerce Memberships for Multivendor Marketplace | Medium | 6.3 | 2023-04-05 18:00:49 | Deep Dive |
| CVE-2022-4940 | WCFM Membership <= 2.10.0 - Missing Authorization | wclovers | WCFM Membership – WooCommerce Memberships for Multivendor Marketplace | High | 7.3 | 2023-04-05 18:00:40 | Deep Dive |
| CVE-2022-4939 | WCFM Membership <= 2.10.0 - Unauthenticated Privilege Escalation | wclovers | WCFM Membership – WooCommerce Memberships for Multivendor Marketplace | Critical | 9.8 | 2023-04-05 18:00:30 | Deep Dive |
| CVE-2022-4938 | WCFM Frontend Manager <= 6.5.13 - Cross-Site Request Forgery | wclovers | WCFM – Frontend Manager for WooCommerce | Medium | 6.3 | 2023-04-05 17:40:32 | Deep Dive |
| CVE-2022-4937 | WordPress plugin Frontend Manager 安全漏洞 | wclovers | WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible | Medium | 6.3 | 2023-04-05 17:40:18 | Deep Dive |
| CVE-2022-4936 | WCFM Marketplace <= 3.4.12 - Cross-Site Request Forgery | wclovers | WCFM Marketplace – Multivendor Marketplace for WooCommerce | Medium | 6.3 | 2023-04-05 17:27:54 | Deep Dive |