All 4 CVE vulnerabilities found in WooPayments – Fully Integrated Solution Built and Supported by Woo, with AI-generated Chinese analysis, references, and POCs.
Vendor: Automattic
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-51503 | WordPress WooCommerce Payments Plugin <= 6.6.2 is vulnerable to Insecure Direct Object References (IDOR) CWE-639 | 5.9 | Medium | 2023-12-31 |
| CVE-2023-35915 | WordPress WooCommerce Payments Plugin <= 5.9.0 is vulnerable to SQL Injection CWE-89 | 7.6 | High | 2023-12-20 |
| CVE-2023-35916 | WordPress WooCommerce Payments Plugin <= 5.9.0 is vulnerable to Insecure Direct Object References (IDOR) CWE-639 | 7.5 | High | 2023-12-20 |
| CVE-2023-49828 | WordPress WooCommerce Payments Plugin <= 6.4.2 is vulnerable to Cross Site Scripting (XSS) CWE-79 | 6.5 | Medium | 2023-12-14 |
All 4 known CVE vulnerabilities affecting WooPayments – Fully Integrated Solution Built and Supported by Woo with full Chinese analysis, references, and POCs where available.