Known Vulnerabilities for products from Xootix
Listed below are 6 of the newest known vulnerabilities associated with the vendor "Xootix".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-50027 json | Not Provided | 2025-06-20 | 2026-04-23 | |
| CVE-2024-5324 json | Multiple plugins for WordPress utilizing the XootiX Framework are vulnerable to unauthorized modification of data due to a mi... | Not Provided | 2024-06-06 | 2026-04-08 |
| CVE-2023-28415 json | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in XootiX Side Cart Woocommerce (Ajax) plugin <= 2.2 versions... | 4.8 - MEDIUM | 2023-08-30 | 2023-09-01 |
| CVE-2023-2706 json | The OTP Login Woocommerce & Gravity Forms plugin for WordPress is vulnerable to authentication bypass. This is due to the fac... | Not Provided | 2023-05-17 | 2026-04-08 |
| CVE-2022-45376 json | Cross-Site Request Forgery (CSRF) vulnerability in XootiX Side Cart Woocommerce (Ajax) < 2.1 versions. | 8.8 - HIGH | 2023-05-22 | 2023-05-26 |
| CVE-2022-0215 json | The Login/Signup Popup, Waitlist Woocommerce ( Back in stock notifier ), and Side Cart Woocommerce (Ajax) WordPress plugins b... | 8.8 - HIGH | 2022-01-18 | 2022-01-24 |
| CVE-2020-36715 json | The Login/Signup Popup plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on several... | Not Provided | 2023-06-07 | 2026-04-08 |