Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Woocommerce'
2022-07-17
CVE-2022-2099
CWE-94
The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles
2021-05-17
CVE-2021-24323
CWE-79
When taxes are enabled, the "Additional tax classes" field was not properly sanitised or escaped before being output back in the admin dashboard, allowing high privilege users such as admin to use XSS payloads even when the unfiltered_html is disabled
2020-12-27
CVE-2020-29156
CWE-863
The WooCommerce plugin before 4.7.0 for WordPress allows remote attackers to view the status of arbitrary orders via the order_id parameter in a fetch_order_status action.
2020-06-19
CVE-2019-20891
CWE-352
WooCommerce before 3.6.5, when it handles CSV imports of products, has a cross-site request forgery (CSRF) issue with resultant stored cross-site scripting (XSS) via includes/admin/importers/class-wc-product-csv-importer-controller.php.
2019-02-25
CVE-2019-9168
CWE-79
WooCommerce before 3.5.5 allows XSS via a Photoswipe caption.
2019-01-15
CVE-2018-20714
CWE-22
The logging system of the Automattic WooCommerce plugin before 3.4.6 for WordPress is vulnerable to a File Deletion vulnerability. This allows deletion of woocommerce.php, which leads to certain privilege checks not being in place, and therefore a shop manager can escalate privileges to admin.
2017-01-03
CVE-2016-10112
Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.6.9 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML by providing crafted tax-rate table values in CSV format.
>>>
Vendor:
Woocommerce
11
Products
Woocommerce
Paypal checkout payment gateway
Payu india payment gateway
Persian woocommerce sms
Subscriptions
Nab transact
Gift cards
Help scout
Upload files
Woocommerce currency switcher
Persian-woocommerce
Copyright
2024
, cxsecurity.com
Back to Top