| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-3860 | Visual Email Designer for WooCommerce < 1.7.2 - Multiple Author+ SQLi | Unknown | Visual Email Designer for WooCommerce | 高危 | - | 2023-01-02 21:53:14 | Deep Dive |
| CVE-2022-4329 | Product list Widget for Woocommerce <= 1.0 - Reflected XSS | Unknown | Product list Widget for Woocommerce | 中危 | - | 2023-01-02 21:49:38 | Deep Dive |
| CVE-2022-4109 | Wholesale Market for WooCommerce < 2.0.0 - Admin+ Arbitrary Log Download | Unknown | Wholesale Market for WooCommerce | 低危 | - | 2023-01-02 21:49:31 | Deep Dive |
| CVE-2022-4047 | Return Refund and Exchange For WooCommerce < 4.0.9 - Unauthenticated Arbitrary File Upload | Unknown | Return Refund and Exchange For WooCommerce | 超危 | - | 2022-12-26 12:28:14 | Deep Dive |
| CVE-2022-4227 | Booster for WooCommerce - Reflected Cross-Site Scripting | Unknown | Booster for WooCommerce | 中危 | - | 2022-12-26 12:28:11 | Deep Dive |
| CVE-2022-4106 | Wholesale Market for WooCommerce < 1.0.7 - Unauthenticated Arbitrary File Download | Unknown | Wholesale Market for WooCommerce | 高危 | - | 2022-12-19 13:41:51 | Deep Dive |
| CVE-2022-4107 | SMSA Shipping for WooCommerce < 1.0.5 - Subscriber+ Arbitrary File Download | Unknown | SMSA Shipping for WooCommerce | 中危 | - | 2022-12-19 13:41:49 | Deep Dive |
| CVE-2022-4108 | Wholesale Market for WooCommerce < 1.0.8 - Admin+ Arbitrary File Download | Unknown | Wholesale Market for WooCommerce | 中危 | - | 2022-12-19 13:41:45 | Deep Dive |
| CVE-2022-4016 | Booster for WooCommerce - Custom Role Creation/Deletion via CSRF | Unknown | Booster for WooCommerce | 中危 | - | 2022-12-12 17:57:11 | Deep Dive |
| CVE-2022-4000 | WooCommerce Shipping - DPD baltic < 1.2.11 - Admin+ Stored XSS | Unknown | WooCommerce Shipping | 中危 | - | 2022-12-12 17:54:57 | Deep Dive |
| CVE-2022-3908 | Helloprint < 1.4.7 - Reflected Cross-Site Scripting | Unknown | Plug your WooCommerce into the largest catalog of customized print products from Helloprint | 中危 | - | 2022-12-12 17:54:33 | Deep Dive |
| CVE-2022-45359 | WordPress YITH WooCommerce Gift Cards Premium Plugin <= 3.19.0 is vulnerable to Arbitrary File Upload | YITH | YITH WooCommerce Gift Cards | Critical | 9.8 | 2022-12-06 20:36:45 | Deep Dive |
| CVE-2022-3995 | TeraWallet – For WooCommerce <= 1.4.3 - Insecure Direct Object Reference | subratamal | Wallet for WooCommerce | Medium | 4.3 | 2022-11-29 20:43:16 | Deep Dive |
| CVE-2022-3603 | Export customers list CSV for WooCommerce < 2.0.69 - CSV Injection | Unknown | Export customers list csv for WooCommerce, WordPress users csv, export Guest customer list | 超危 | - | 2022-11-28 13:47:22 | Deep Dive |
| CVE-2022-3490 | Checkout Field Editor for WooCommerce < 1.8.0 - Admin+ PHP Object Injection | Unknown | Checkout Field Editor (Checkout Manager) for WooCommerce | 高危 | - | 2022-11-28 13:47:16 | Deep Dive |
| CVE-2022-3762 | Booster for WooCommerce - ShopManager+ Arbitrary File Download | Unknown | Booster for WooCommerce | 中危 | - | 2022-11-21 00:00:00 | Deep Dive |
| CVE-2022-3763 | Booster for WooCommerce - Checkout Files Deletion via CSRF | Unknown | Booster for WooCommerce | 高危 | - | 2022-11-21 00:00:00 | Deep Dive |
| CVE-2022-41655 | WordPress Phone Orders for WooCommerce plugin <= 3.7.1 - Auth. Sensitive Data Exposure vulnerability | AlgolPlus | Phone Orders for WooCommerce (WordPress plugin) | Medium | 4.3 | 2022-11-18 22:22:14 | Deep Dive |
| CVE-2022-41685 | Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Integration for Szamlazz.hu & WooCommerce and Csomagpontok és szállítási címkék WooCommerce hez plugins | Viszt Péter | Integration for Szamlazz.hu & WooCommerce (WordPress plugin) | Medium | 5.4 | 2022-11-18 22:18:34 | Deep Dive |
| CVE-2022-44634 | WordPress S2W – Import Shopify to WooCommerce plugin <= 1.1.12 - Auth. Arbitrary File Read vulnerability | VillaTheme | S2W – Import Shopify to WooCommerce (WordPress plugin) | Medium | 4.9 | 2022-11-18 21:58:17 | Deep Dive |