Advanced Woo Labels | Cross-Site Scripting (XSS) |
CartBounty – Save and recover abandoned carts for WooCommerce | Cross-Site Request Forgery (CSRF) |
Cities Shipping Zones for WooCommerce | Local File Inclusion (LFi) |
EU/UK VAT Manager for WooCommerce | Cross-Site Scripting (XSS) |
EU/UK VAT Manager for WooCommerce | Cross-Site Scripting (XSS) |
EU/UK VAT Manager for WooCommerce | Missing Authorization (BAC) |
EU/UK VAT Manager for WooCommerce | Missing Authorization (BAC) |
Product Carousel Slider & Grid Ultimate for WooCommerce | Local File Inclusion (LFi) |
Product Enquiry for WooCommerce | PHP Object Injection in enquiry_detailphp |
Product Slider for WooCommerce | Cross-Site Scripting (XSS) |
Revolut Gateway for WooCommerce | Missing Authorization (BAC) to Unauthenticated Order Status Update (BAC) |
Robokassa payment gateway for Woocommerce | Cross-Site Scripting (XSS) |
ShopLentor – WooCommerce Builder for Elementor | DOM-Based Cross-Site Scripting (XSS) |
Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins | Missing Authorization (BAC) to Settings Update (BAC) |
Store Hours for WooCommerce | Cross-Site Scripting (XSS) |
Themify – WooCommerce Product Filter | Cross-Site Scripting (XSS) |
Waitlist Woocommerce ( Back in stock notifier ) | Cross-Site Scripting (XSS) |
WCFM – Frontend Manager for WooCommerce | Insecure Direct Object Reference (IDOR) to Account Takeover (BAC) /Privilege Escalation (BAC) |
WooCommerce Multilingual & Multicurrency | Broken Access Control (BAC) |
WooCommerce Multiple Free Gift | Insufficient Server-Side Validation to Arbitrary Gift Adding |
WooCommerce Photo Reviews - Review Reminders - Review for Discounts | Authentication Bypass (BAC) to Account Takeover (BAC) and Privilege Escalation (BAC) |
WOOCS – WooCommerce Currency Switcher | Unauthenticated Arbitrary Shortcode Execution |
WooEvents | Unauthenticated Arbitrary File Overwrite (BAC) |
XT Ajax Add To Cart for WooCommerce | Cross-Site Scripting (XSS) |
YITH WooCommerce Ajax Search | SQL Injection (SQLi) |
YITH WooCommerce Product Add-Ons | Cross-Site Scripting (XSS) |