Show filters
1,044 Total Results
Displaying 51-60 of 1,044
Sort by:
Attacker Value
Unknown
CVE-2025-24644
Disclosure Date: January 24, 2025 (last updated February 12, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels allows Stored XSS. This issue affects WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels: from n/a through 4.7.1.
0
Attacker Value
Unknown
CVE-2025-24633
Disclosure Date: January 24, 2025 (last updated January 25, 2025)
Missing Authorization vulnerability in silverplugins217 Build Private Store For Woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Build Private Store For Woocommerce: from n/a through 1.0.
0
Attacker Value
Unknown
CVE-2025-24625
Disclosure Date: January 24, 2025 (last updated January 25, 2025)
Missing Authorization vulnerability in Marco Almeida | Webdados Taxonomy/Term and Role based Discounts for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Taxonomy/Term and Role based Discounts for WooCommerce: from n/a through 5.1.
0
Attacker Value
Unknown
CVE-2025-24596
Disclosure Date: January 24, 2025 (last updated February 12, 2025)
Missing Authorization vulnerability in WC Product Table WooCommerce Product Table Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WooCommerce Product Table Lite: from n/a through 3.8.7.
0
Attacker Value
Unknown
CVE-2025-24594
Disclosure Date: January 24, 2025 (last updated January 25, 2025)
Missing Authorization vulnerability in Speedcomp Linet ERP-Woocommerce Integration allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Linet ERP-Woocommerce Integration: from n/a through 3.5.7.
0
Attacker Value
Unknown
CVE-2025-23991
Disclosure Date: January 24, 2025 (last updated January 25, 2025)
Missing Authorization vulnerability in theDotstore Product Size Charts Plugin for WooCommerce.This issue affects Product Size Charts Plugin for WooCommerce: from n/a through 2.4.5.
0
Attacker Value
Unknown
CVE-2024-13511
Disclosure Date: January 23, 2025 (last updated February 06, 2025)
The Variation Swatches for WooCommerce plugin, in all versions starting at 1.0.8 up until 1.3.2, contains a vulnerability due to improper nonce verification in its settings reset functionality. The issue exists in the settings_init() function, which processes a reset action based on specific query parameters in the URL. The related delete_settings() function performs a faulty nonce validation check, making the reset operation insecure and susceptible to unauthorized access.
0
Attacker Value
Unknown
CVE-2025-23966
Disclosure Date: January 22, 2025 (last updated January 23, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AlaFalaki a Gateway for Pasargad Bank on WooCommerce allows Reflected XSS. This issue affects a Gateway for Pasargad Bank on WooCommerce: from n/a through 2.5.2.
0
Attacker Value
Unknown
CVE-2025-23495
Disclosure Date: January 22, 2025 (last updated January 23, 2025)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WooCommerce Order Search allows Reflected XSS. This issue affects WooCommerce Order Search: from n/a through 1.1.0.
0
Attacker Value
Unknown
CVE-2025-22318
Disclosure Date: January 21, 2025 (last updated January 22, 2025)
Missing Authorization vulnerability in Eniture Technology Standard Box Sizes – for WooCommerce. This issue affects Standard Box Sizes – for WooCommerce: from n/a through 1.6.13.
0
