Known Vulnerabilities for products from WooCommerce
Listed below are 20 of the newest known vulnerabilities associated with the vendor "WooCommerce".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-49059 json | Not Provided | 2026-05-27 | 2026-05-27 | |
| CVE-2026-48971 json | Not Provided | 2026-05-27 | 2026-05-27 | |
| CVE-2026-47100 json | Not Provided | 2026-05-19 | 2026-05-19 | |
| CVE-2026-45444 json | Not Provided | 2026-05-20 | 2026-05-21 | |
| CVE-2026-45438 json | Not Provided | 2026-05-25 | 2026-05-26 | |
| CVE-2026-45217 json | Not Provided | 2026-05-25 | 2026-05-26 | |
| CVE-2026-45211 json | Not Provided | 2026-05-12 | 2026-05-12 | |
| CVE-2026-42761 json | Not Provided | 2026-05-27 | 2026-05-27 | |
| CVE-2026-42727 json | Not Provided | 2026-05-27 | 2026-05-27 | |
| CVE-2026-42725 json | Not Provided | 2026-05-27 | 2026-05-27 | |
| CVE-2024-27193 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PayU India PayU India p... | Not Provided | 2024-03-15 | 2026-04-23 |
| CVE-2024-24799 json | Missing Authorization vulnerability in WooCommerce WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a... | Not Provided | 2024-03-26 | 2026-04-28 |
| CVE-2023-52222 json | Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.... | Not Provided | 2024-01-08 | 2026-04-28 |
| CVE-2023-44999 json | Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooComme... | Not Provided | 2024-03-27 | 2026-04-28 |
| CVE-2023-37873 json | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Shipping Multiple Addresses plugin <= 3.8.5 versio... | 6.1 - MEDIUM | 2023-08-05 | 2023-08-09 |
| CVE-2023-36514 json | Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Shipping Multiple Addresses plugin <= 3.8.5 versions. | 8.8 - HIGH | 2023-07-17 | 2023-07-27 |
| CVE-2023-36513 json | Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.5 versions. | 8.8 - HIGH | 2023-07-17 | 2023-07-27 |
| CVE-2023-36511 json | Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Order Barcodes plugin <= 1.6.4 versions. | 8.8 - HIGH | 2023-07-17 | 2023-07-27 |
| CVE-2023-35918 json | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Bulk Stock Management plugin <= 2.2.33 versions. | 6.1 - MEDIUM | 2023-06-22 | 2023-06-28 |
| CVE-2023-35917 json | Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin <= 2.0.4 versions. | 8.8 - HIGH | 2023-06-22 | 2023-06-28 |
Known software with vulnerabilities from WooCommerce
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Woocommerce | Gift Cards | 3.0.2 |
| Application | Woocommerce | Nab Transact | 2.1.0 |
| Application | Woocommerce | Paypal Checkout | 0.1.0 |
| Application | Woocommerce | Paypal Checkout Payment Gateway | 1.5.2 |
| Application | Woocommerce | Payu India Payment Gateway | 1.0 |
| Application | Woocommerce | Persian Woocommerce Sms | - |
| Application | Woocommerce | Subscriptions | - |
| Application | Woocommerce | Woocommerce | 1.0 |