| CVE-2022-4328 | WooCommerce Checkout Field Manager < 18.0 - Unauthenticated Arbitrary File Upload | Unknown | WooCommerce Checkout Field Manager | 超危 | - | 2023-03-06 13:34:04 | Deep Dive |
| CVE-2023-0068 | Product GTIN (EAN, UPC, ISBN) for WooCommerce <= 1.1.1 - Contributor+ Stored XSS | Unknown | Product GTIN (EAN, UPC, ISBN) for WooCommerce | 中危 | - | 2023-03-06 13:34:03 | Deep Dive |
| CVE-2022-47148 | WordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.2.5 is vulnerable to Cross Site Request Forgery (CSRF) | WP Overnight | PDF Invoices & Packing Slips for WooCommerce | Medium | 4.3 | 2023-03-01 14:25:48 | Deep Dive |
| CVE-2022-46806 | WordPress Cart All In One For WooCommerce Plugin <= 1.1.10 is vulnerable to Cross Site Request Forgery (CSRF) | VillaTheme | Cart All In One For WooCommerce | Medium | 5.4 | 2023-03-01 14:16:35 | Deep Dive |
| CVE-2022-46805 | WordPress Conditional Payments for WooCommerce Plugin <= 2.3.1 is vulnerable to Cross Site Request Forgery (CSRF) | Lauri Karisola / WP Trio | Conditional Shipping for WooCommerce | Medium | 5.4 | 2023-03-01 14:08:54 | Deep Dive |
| CVE-2022-46797 | WordPress Conversios.io Plugin <= 5.2.3 is vulnerable to Cross Site Request Forgery (CSRF) | Conversios | All-in-one Google Analytics, Pixels and Product Feed Manager for WooCommerce | Medium | 5.4 | 2023-03-01 13:43:23 | Deep Dive |
| CVE-2022-45068 | WordPress Mercado Pago payments for WooCommerce Plugin <= 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) | Mercado Pago | Mercado Pago payments for WooCommerce | Medium | 5.4 | 2023-03-01 13:35:29 | Deep Dive |
| CVE-2022-40198 | WordPress TeraWallet – For WooCommerce Plugin <= 1.3.24 is vulnerable to Cross Site Request Forgery (CSRF) | StandaloneTech | TeraWallet – For WooCommerce | Medium | 4.3 | 2023-03-01 13:11:01 | Deep Dive |
| CVE-2023-23865 | WordPress Stripe Payments For WooCommerce by Checkout Plugin <= 1.4.10 is vulnerable to Cross Site Request Forgery (CSRF) | Checkout Plugins | Stripe Payments For WooCommerce by Checkout Plugins | Medium | 4.3 | 2023-02-28 14:45:53 | Deep Dive |
| CVE-2023-0942 | Japanized For WooCommerce <= 2.5.4 - Reflected Cross-Site Scripting | shoheitanaka | Japanized for WooCommerce | Medium | 6.1 | 2023-02-21 19:29:17 | Deep Dive |
| CVE-2022-4791 | Product Slider and Carousel with Category for WooCommerce < 2.8 - Contributor+ Stored XSS via Shortcode | Unknown | Product Slider and Carousel with Category for WooCommerce | 中危 | - | 2023-02-21 08:50:52 | Deep Dive |
| CVE-2023-0492 | GS Products Slider for WooCommerce < 1.5.9 - Contributor+ Stored XSS | Unknown | GS Products Slider for WooCommerce | 中危 | - | 2023-02-21 08:50:48 | Deep Dive |
| CVE-2023-0405 | GPT3 AI Content Writer < 1.4.38 - Subscriber+ Arbitrary Post Content Update | Unknown | GPT AI Power: Content Writer & ChatGPT & Image Generator & WooCommerce Product Writer & AI Training | 中危 | - | 2023-02-13 14:32:24 | Deep Dive |
| CVE-2023-0080 | Customer Reviews for WooCommerce < 5.16.0 - Contributor+ LFI | Unknown | Customer Reviews for WooCommerce | 高危 | - | 2023-02-13 14:32:22 | Deep Dive |
| CVE-2023-0166 | PickPlugins Product Slider for WooCommerce < 1.13.42 - Contributor+ Stored XSS | Unknown | Product Slider for WooCommerce by PickPlugins | 中危 | - | 2023-02-13 14:32:21 | Deep Dive |
| CVE-2023-0061 | Judge.me Product Reviews for WooCommerce < 1.3.21 - Contributor+ Stored XSS | Unknown | Judge.me Product Reviews for WooCommerce | 中危 | - | 2023-02-13 14:32:15 | Deep Dive |
| CVE-2023-0062 | EAN for WooCommerce < 4.4.3 - Contributor+ Stored XSS | Unknown | EAN for WooCommerce | 中危 | - | 2023-02-06 19:59:34 | Deep Dive |
| CVE-2023-0144 | Event Manager and Tickets Selling Plugin for WooCommerce < 3.8.0 - Contributor+ Stored XSS | Unknown | Event Manager and Tickets Selling Plugin for WooCommerce | 中危 | - | 2023-02-06 19:59:27 | Deep Dive |
| CVE-2022-29416 | WordPress Afterpay Gateway for WooCommerce Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS) | Afterpay | Afterpay Gateway for WooCommerce | Medium | 4.7 | 2023-02-06 12:31:15 | Deep Dive |
| CVE-2022-46815 | WordPress Conditional Shipping for WooCommerce Plugin <= 2.3.1 is vulnerable to Cross Site Request Forgery (CSRF) | Lauri Karisola / WP Trio | Conditional Shipping for WooCommerce | Medium | 5.4 | 2023-02-02 16:21:27 | Deep Dive |