CTT Expresso para WooCommerce | Private Information Exposure via Unprotected Directory |
Docket (WooCommerce Collections / Wishlist / Watchlist) | Unauthenticated Post/Page Deletion (BAC) |
Docket (WooCommerce Collections / Wishlist / Watchlist) | Unauthenticated SQL Injection (SQLi) |
Envo's Elementor Templates & Widgets for WooCommerce | Cross-Site Scripting (XSS) |
EU/UK VAT Manager for WooCommerce | Cross-Site Scripting (XSS) |
Event Manager for WooCommerce | Local File Inclusion (LFi) |
Greenshift Woocommerce Addon | SQL Injection (SQLi) |
InPost for WooCommerce | Unauthenticated File Read (BAC)/Delete (BAC) |
Mollie Payments for WooCommerce | Unauthenticated Full Path Disclosure (BAC) |
Order Export for WooCommerce | Private Data Exposure |
Persian WooCommerce | Broken Access Control (BAC) |
Print Barcode Labels for your WooCommerce products/orders | Broken Access Control (BAC) |
Products, Order & Customers Export for WooCommerce | Cross-Site Scripting (XSS) |
Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce | Cross-Site Scripting (XSS) |
Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce | Cross-Site Request Forgery (CSRF) |
Stripe Payments For WooCommerce by Checkout | Cross-Site Request Forgery (CSRF) |
Stripe Payments For WooCommerce by Checkout | Insecure Direct Object References (IDOR) |
Taxi Booking Manager for WooCommerce | Cross-Site Scripting (XSS) |
TI WooCommerce Wishlist | SQL Injection (SQLi) |
Waitlist Woocommerce ( Back in stock notifier ) | Broken Access Control (BAC) |
Web and WooCommerce Addons for WPBakery Builder | Cross-Site Scripting (XSS) |
WooCommerce | Cross-Site Scripting (XSS) |
WooCommerce Customers Manager | Multiple Cross-Site Request Forgery (CSRF) |
WooCommerce Customers Manager | Cross-Site Scripting (XSS) |
WooCommerce Google Feed Manager | Missing Authorization (BAC) to Feed Actions |
WooCommerce Google Feed Manager | Missing Authorization (BAC) to File Deletion (BAC) |
WooCommerce Multiple Customer Addresses & Shipping | Vulnerable ACF Pro plugin Embed |
WooCommerce PDF Vouchers | Cross-Site Scripting (XSS) |
WooCommerce PDF Vouchers | Unauthenticated File Deletion (BAC) |
WooCommerce PDF Vouchers | Unauthenticated Multiple Vulnerabilities |
WooCommerce Product Table Lite | Code Execution |
WooCommerce Social Login | Authentication Bypass to Account Takeover (BAC) |
WOOCS – WooCommerce Currency Switcher | Broken Access Control (BAC) |
Woo Inquiry | Unauthenticated SQL Injection (SQLi) |
Woo Products Widgets For Elementor | Local File Inclusion (LFi) |
WPC Frequently Bought Together for WooCommerce | Broken Access Control (BAC) |