| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-3490 | Checkout Field Editor for WooCommerce < 1.8.0 - Admin+ PHP Object Injection | Unknown | Checkout Field Editor (Checkout Manager) for WooCommerce | 高危 | - | 2022-11-28 13:47:16 | Deep Dive |
| CVE-2022-3762 | Booster for WooCommerce - ShopManager+ Arbitrary File Download | Unknown | Booster for WooCommerce | 中危 | - | 2022-11-21 00:00:00 | Deep Dive |
| CVE-2022-3763 | Booster for WooCommerce - Checkout Files Deletion via CSRF | Unknown | Booster for WooCommerce | 高危 | - | 2022-11-21 00:00:00 | Deep Dive |
| CVE-2022-41655 | WordPress Phone Orders for WooCommerce plugin <= 3.7.1 - Auth. Sensitive Data Exposure vulnerability | AlgolPlus | Phone Orders for WooCommerce (WordPress plugin) | Medium | 4.3 | 2022-11-18 22:22:14 | Deep Dive |
| CVE-2022-41685 | Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Integration for Szamlazz.hu & WooCommerce and Csomagpontok és szállítási címkék WooCommerce hez plugins | Viszt Péter | Integration for Szamlazz.hu & WooCommerce (WordPress plugin) | Medium | 5.4 | 2022-11-18 22:18:34 | Deep Dive |
| CVE-2022-44634 | WordPress S2W – Import Shopify to WooCommerce plugin <= 1.1.12 - Auth. Arbitrary File Read vulnerability | VillaTheme | S2W – Import Shopify to WooCommerce (WordPress plugin) | Medium | 4.9 | 2022-11-18 21:58:17 | Deep Dive |
| CVE-2022-43463 | WordPress Custom Product Tabs for WooCommerce plugin <= 1.7.9 - Auth. Stored Cross-Site Scripting (XSS) vulnerability | YIKES, Inc. | Custom Product Tabs for WooCommerce (WordPress plugin) | Medium | 4.8 | 2022-11-18 18:51:40 | Deep Dive |
| CVE-2022-41805 | WordPress Booster for WooCommerce plugin <= 5.6.6 - Cross-Site Request Forgery (CSRF) vulnerability | Pluggabl LLC | Booster for WooCommerce (WordPress plugin) | Medium | 5.4 | 2022-11-18 18:44:15 | Deep Dive |
| CVE-2022-45066 | WordPress WooSwipe WooCommerce Gallery plugin <= 2.0.1 - Auth. Broken Access Control vulnerability | Thrive Website Design | WooSwipe WooCommerce Gallery (WordPress plugin) | Medium | 5.4 | 2022-11-17 22:05:04 | Deep Dive |
| CVE-2022-43488 | WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 - Cross-Site Request Forgery (CSRF) vulnerability | AlgolPlus | Advanced Dynamic Pricing for WooCommerce (WordPress plugin) | Medium | 5.4 | 2022-11-09 15:44:58 | Deep Dive |
| CVE-2022-40128 | WordPress Advanced Order Export For WooCommerce plugin <= 3.3.2 - Cross-Site Request Forgery (CSRF) vulnerability | AlgolPlus | Advanced Order Export For WooCommerce (WordPress plugin) | Medium | 4.3 | 2022-11-08 18:15:18 | Deep Dive |
| CVE-2022-43491 | WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 - Cross-Site Request Forgery (CSRF) vulnerability | AlgolPlus | Advanced Dynamic Pricing for WooCommerce (WordPress plugin) | Medium | 5.4 | 2022-11-08 18:12:19 | Deep Dive |
| CVE-2022-3481 | WooCommerce Dropshipping < 4.4 - Unauthenticated SQLi | Unknown | WooCommerce Dropshipping | 超危 | - | 2022-11-07 00:00:00 | Deep Dive |
| CVE-2022-3536 | Role Based Pricing for WooCommerce < 1.6.3 - Subscriber+ PHAR Deserialization | Unknown | Role Based Pricing for WooCommerce | 高危 | - | 2022-11-07 00:00:00 | Deep Dive |
| CVE-2022-3537 | Role Based Pricing for WooCommerce < 1.6.2 - Subscriber+ Arbitrary File Upload | Unknown | Role Based Pricing for WooCommerce | 高危 | - | 2022-11-07 00:00:00 | Deep Dive |
| CVE-2022-3335 | Kadence WooCommerce Email Designer < 1.5.7 - Admin+ PHP Objection Injection | Unknown | Kadence WooCommerce Email Designer | 高危 | - | 2022-10-25 00:00:00 | Deep Dive |
| CVE-2022-41623 | WordPress ALD - AliExpress Dropshipping and Fulfillment for WooCommerce premium plugin <= 1.1.0 - Sensitive Data Exposure vulnerability | Villatheme | ALD - AliExpress Dropshipping and Fulfillment for WooCommerce (WordPress plugin) | High | 7.5 | 2022-10-14 19:37:10 | Deep Dive |
| CVE-2022-38134 | WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Authenticated Broken Access Control vulnerability | CusRev | Customer Reviews for WooCommerce (WordPress plugin) | Medium | 4.3 | 2022-09-23 15:14:40 | Deep Dive |
| CVE-2022-38470 | WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Cross-Site Request Forgery (CSRF) vulnerability | CusRev | Customer Reviews for WooCommerce (WordPress plugin) | Medium | 4.3 | 2022-09-23 15:08:23 | Deep Dive |
| CVE-2022-40194 | WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Sensitive Information Disclosure vulnerability | CusRev | Customer Reviews for WooCommerce (WordPress plugin) | Medium | 5.3 | 2022-09-23 15:05:35 | Deep Dive |