| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-8617 | YITH WooCommerce Quick View <= 2.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via yith_quick_view Shortcode | yithemes | YITH WooCommerce Quick View | Medium | 6.4 | 2025-12-13 04:31:29 | Deep Dive |
| CVE-2025-12584 | Quick View for WooCommerce <= 2.2.17 - Unauthenticated Private Product Disclosure | shapedplugin | Quick View for WooCommerce | Medium | 5.3 | 2025-11-27 09:27:49 | Deep Dive |
| CVE-2025-11741 | WPC Smart Quick View for WooCommerce <= 4.2.5 - Insecure Direct Object Reference to Unauthenticated Private Product Exposure | wpclever | WPC Smart Quick View for WooCommerce | Medium | 5.3 | 2025-10-18 06:42:45 | Deep Dive |
| CVE-2025-57967 | WordPress WPB Quick View for WooCommerce plugin <= 2.1.8 - Cross Site Scripting (XSS) vulnerability | WPBean | WPB Quick View for WooCommerce | Medium | 6.5 | 2025-09-22 18:24:40 | Deep Dive |
| CVE-2025-58228 | WordPress Quick View for WooCommerce Plugin <= 2.2.16 - Cross Site Scripting (XSS) Vulnerability | ShapedPlugin LLC | Quick View for WooCommerce | Medium | 6.5 | 2025-09-22 18:23:44 | Deep Dive |
| CVE-2025-8618 | WPC Smart Quick View for WooCommerce <= 4.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via woosq_btn Shortcode | wpclever | WPC Smart Quick View for WooCommerce | Medium | 6.4 | 2025-08-20 04:26:20 | Deep Dive |
| CVE-2025-24705 | WordPress WooCommerce Quick View plugin <= 1.1.1 - Sensitive Data Exposure vulnerability | Arshid | WooCommerce Quick View | Medium | 5.3 | 2025-01-24 17:24:59 | Deep Dive |
| CVE-2024-5020 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library | extendthemes | Colibri Page Builder | Medium | 6.4 | 2024-12-04 08:22:47 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-6560 | Addonify – Quick View For WooCommerce <= 1.2.16 - Unauthenticated Full Path Dislcosure | addonify | Addonify – Quick View For WooCommerce | Medium | 5.3 | 2024-07-20 02:37:15 | Deep Dive |
| CVE-2023-6494 | WPC Smart Quick View for WooCommerce <= 4.0.2 - Authenticated (Administrator+) Stored Cross-Site Scripting | wpclever | WPC Smart Quick View for WooCommerce | Medium | 4.4 | 2024-04-13 08:41:16 | Deep Dive |
| CVE-2023-47657 | WordPress Direct Checkout – Quick View – Buy Now For WooCommerce Plugin <= 1.5.8 is vulnerable to Cross Site Scripting (XSS) | GrandPlugins | Direct Checkout – Quick View – Buy Now For WooCommerce | Medium | 5.9 | 2023-11-13 23:43:02 | Deep Dive |
| CVE-2023-28988 | WordPress Direct checkout, Add to cart redirect for Woocommerce Plugin <= 2.1.48 is vulnerable to Cross Site Scripting (XSS) | PI Websolution | Direct checkout, Add to cart redirect, Quick purchase button, Buy now button, Quick View button for WooCommerce | Medium | 5.9 | 2023-06-26 05:05:12 | Deep Dive |