Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Woo — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting Woo. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Woo:WooCommerce Product VendorsWooCommerce Warranty RequestsAutomateWooWooCommerce Ship to Multiple AddressesWooCommerce Product RecommendationsWooCommerce Product Add-onsWooCommerce Box OfficeWooCommerce Canada Post ShippingWooCommerce Subscriptions
CVE IDTitleCVSSSeverityPublished
CVE-2023-50850 WordPress Woo Subscriptions plugin < 5.8.0 - Broken Access Control vulnerability — WooCommerce SubscriptionsCWE-862 4.3 Medium2024-12-31
CVE-2023-37872 WordPress WooCommerce Ship to Multiple Addresses plugin <= 3.8.5 - Broken Access Control vulnerability — WooCommerce Ship to Multiple AddressesCWE-862 6.5 Medium2024-06-19
CVE-2023-36512 WordPress AutomateWoo plugin <= 5.7.5 - Broken Access Control vulnerability — AutomateWooCWE-862 6.5 Medium2024-06-19
CVE-2023-37870 WordPress WooCommerce Warranty Requests plugin <= 2.1.9 - Broken Access Control vulnerability — WooCommerce Warranty RequestsCWE-862 8.1 High2024-06-19
CVE-2023-51495 WordPress WooCommerce Warranty Requests plugin <= 2.2.7 - Broken Access Control vulnerability — WooCommerce Warranty RequestsCWE-862 6.5 Medium2024-06-14
CVE-2023-51496 WordPress WooCommerce Warranty Requests plugin <= 2.2.7 - Broken Access Control vulnerability — WooCommerce Warranty RequestsCWE-862 5.3 Medium2024-06-14
CVE-2023-51497 WordPress WooCommerce Ship to Multiple Addresses plugin <= 3.8.9 - Broken Access Control vulnerability — WooCommerce Ship to Multiple AddressesCWE-862 5.4 Medium2024-06-14
CVE-2023-51498 WordPress WooCommerce Canada Post Shipping plugin <= 2.8.3 - Broken Access Control vulnerability — WooCommerce Canada Post ShippingCWE-862 5.3 Medium2024-06-11
CVE-2023-52186 WordPress WooCommerce Product Vendors plugin <= 2.2.2 - Unauthenticated Broken Access Control vulnerability — WooCommerce Product VendorsCWE-862 5.3 Medium2024-06-11
CVE-2023-34003 WordPress WooCommerce Box Office plugin <= 1.1.51 - Unauthenticated Save Ticket Barcode vulnerability — WooCommerce Box OfficeCWE-862 6.5 Medium2024-06-09
CVE-2023-51494 WordPress WooCommerce Product Vendors plugin <= 2.2.1 - Broken Access Control vulnerability — WooCommerce Product VendorsCWE-862 5.3 Medium2024-06-09
CVE-2023-32744 WordPress WooCommerce Product Recommendations plugin < 2.3.0 - Cross Site Request Forgery (CSRF) vulnerability — WooCommerce Product RecommendationsCWE-352 5.4 Medium2023-11-09
CVE-2023-32745 WordPress AutomateWoo plugin <= 5.7.1 - Cross Site Request Forgery (CSRF) vulnerability — AutomateWooCWE-352 5.4 Medium2023-11-09
CVE-2023-32794 WordPress WooCommerce Product Add-ons plugin <= 6.1.3 - Cross Site Request Forgery (CSRF) vulnerability — WooCommerce Product Add-onsCWE-352 5.4 Medium2023-11-09
CVE-2023-35879 WordPress WooCommerce Product Vendors plugin <= 2.1.78 - Shop Manager+ SQL Injection vulnerability — WooCommerce Product VendorsCWE-89 7.6 High2023-10-31

This page lists every published CVE security advisory associated with Woo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.