Known Vulnerabilities for products from WooCommerce
Listed below are 20 of the newest known vulnerabilities associated with the vendor "WooCommerce".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-54815 json | Not Provided | 2026-06-17 | 2026-06-17 | |
| CVE-2026-54807 json | Not Provided | 2026-06-17 | 2026-06-17 | |
| CVE-2026-52711 json | Not Provided | 2026-06-16 | 2026-06-16 | |
| CVE-2026-52704 json | Not Provided | 2026-06-15 | 2026-06-15 | |
| CVE-2026-52694 json | Not Provided | 2026-06-15 | 2026-06-15 | |
| CVE-2026-49777 json | Not Provided | 2026-06-05 | 2026-06-08 | |
| CVE-2026-49110 json | Not Provided | 2026-06-15 | 2026-06-15 | |
| CVE-2026-49072 json | Not Provided | 2026-06-17 | 2026-06-17 | |
| CVE-2026-49071 json | Not Provided | 2026-06-17 | 2026-06-17 | |
| CVE-2026-49065 json | Not Provided | 2026-06-15 | 2026-06-15 | |
| CVE-2024-27193 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PayU India PayU India p... | Not Provided | 2024-03-15 | 2026-04-23 |
| CVE-2024-24799 json | Missing Authorization vulnerability in WooCommerce WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a... | Not Provided | 2024-03-26 | 2026-04-28 |
| CVE-2023-52222 json | Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.... | Not Provided | 2024-01-08 | 2026-04-28 |
| CVE-2023-44999 json | Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooComme... | Not Provided | 2024-03-27 | 2026-04-28 |
| CVE-2023-37873 json | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Shipping Multiple Addresses plugin <= 3.8.5 versio... | 6.1 - MEDIUM | 2023-08-05 | 2023-08-09 |
| CVE-2023-36514 json | Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Shipping Multiple Addresses plugin <= 3.8.5 versions. | 8.8 - HIGH | 2023-07-17 | 2023-07-27 |
| CVE-2023-36513 json | Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.5 versions. | 8.8 - HIGH | 2023-07-17 | 2023-07-27 |
| CVE-2023-36511 json | Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Order Barcodes plugin <= 1.6.4 versions. | 8.8 - HIGH | 2023-07-17 | 2023-07-27 |
| CVE-2023-35918 json | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Bulk Stock Management plugin <= 2.2.33 versions. | 6.1 - MEDIUM | 2023-06-22 | 2023-06-28 |
| CVE-2023-35917 json | Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce PayPal Payments plugin <= 2.0.4 versions. | 8.8 - HIGH | 2023-06-22 | 2023-06-28 |
Known software with vulnerabilities from WooCommerce
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Woocommerce | Gift Cards | 3.0.2 |
| Application | Woocommerce | Nab Transact | 2.1.0 |
| Application | Woocommerce | Paypal Checkout | 0.1.0 |
| Application | Woocommerce | Paypal Checkout Payment Gateway | 1.5.2 |
| Application | Woocommerce | Payu India Payment Gateway | 1.0 |
| Application | Woocommerce | Persian Woocommerce Sms | - |
| Application | Woocommerce | Subscriptions | - |
| Application | Woocommerce | Woocommerce | 1.0 |