CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/04/16 5:29 a.m.•1 views

CVE-2026-5050 Payment Gateway for Redsys & WooCommerce Lite <= 7.0.0 - Improper Verification of Cryptographic Signature to Unauthenticated Payment Status Manipulation

7.5CVSS5.8AI score0.00017EPSS

Cvelist•added 2026/04/16 5:29 a.m.•41 views

CVE-2026-5050 Payment Gateway for Redsys & WooCommerce Lite <= 7.0.0 - Improper Verification of Cryptographic Signature to Unauthenticated Payment Status Manipulation

7.5CVSS0.00017EPSS

CVE•added 2026/04/16 5:29 a.m.•11 views

CVE-2026-5050

The CVE-2026-5050 entry details a vulnerability in the Payment Gateway for Redsys & WooCommerce Lite plugin for WordPress. Affected versions are up to and including 7.0.0. The root cause is improper verification of cryptographic signatures: successful_request() handlers compute a local signature ...

7.5CVSS5.8AI score0.00017EPSS

Positive Technologies•added 2026/04/16 12:0 a.m.•2 views

PT-2026-33269

The Payment Gateway for Redsys & WooCommerce Lite plugin for WordPress is vulnerable to Improper Verification of Cryptographic Signature in versions up to, and including, 7.0.0 due to successful request handlers calculating a local signature but not validating Ds Signature from the request before...

7.5CVSS5.8AI score0.00017EPSS

Exploits0References3

RedhatCVE•added 2026/02/20 7:39 p.m.•4 views

CVE-2026-2232

The Product Table and List Builder for WooCommerce Lite plugin for WordPress is vulnerable to time-based SQL Injection via the 'search' parameter in all versions up to, and including, 4.6.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

7.5CVSS5.9AI score0.00136EPSS

NVD•added 2026/02/19 5:24 p.m.•3 views

CVE-2026-2232

7.5CVSS0.00136EPSS

Vulnrichment•added 2026/02/19 4:24 p.m.•2 views

CVE-2026-2232 Product Table and List Builder for WooCommerce Lite <= 4.6.2 - Unauthenticated Time-Based SQL Injection via 'search' Parameter

7.5CVSS5.9AI score0.00136EPSS

Cvelist•added 2026/02/19 4:24 p.m.•21 views

CVE-2026-2232 Product Table and List Builder for WooCommerce Lite <= 4.6.2 - Unauthenticated Time-Based SQL Injection via 'search' Parameter

7.5CVSS0.00136EPSS

CNNVD•added 2026/02/19 12:0 a.m.•6 views

WordPress plugin Product Table and List Builder for WooCommerce Lite SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

7.5CVSS5.8AI score0.00136EPSS

Positive Technologies•added 2026/02/19 12:0 a.m.•4 views

PT-2026-20866

Name of the Vulnerable Software and Affected Versions Product Table and List Builder for WooCommerce Lite versions prior to 4.6.3 Description The Product Table and List Builder for WooCommerce Lite plugin for WordPress is susceptible to time-based SQL Injection. This is due to inadequate escaping...

7.5CVSS5.6AI score0.00136EPSS

Exploits0References12

RedhatCVE•added 2026/01/09 9:32 a.m.•5 views

CVE-2023-25788

Cross-Site Request Forgery CSRF vulnerability in Saphali Saphali Woocommerce Lite plugin = 1.8.13 versions...

8.8CVSS7.1AI score0.00065EPSS

RedhatCVE•added 2025/12/31 11:5 a.m.•2 views

CVE-2025-69027

Missing Authorization vulnerability in tychesoftwares Product Delivery Date for WooCommerce – Lite product-delivery-date-for-woocommerce-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Delivery Date for WooCommerce – Lite: from n/a through =...

5.3CVSS7AI score0.00043EPSS

EUVD•added 2025/12/30 12:30 p.m.•1 views

EUVD-2025-205717

6.5AI score0.00043EPSS

NVD•added 2025/12/30 11:16 a.m.•2 views

CVE-2025-69027

5.3CVSS0.00043EPSS

CVE•added 2025/12/30 10:47 a.m.•6 views

CVE-2025-69027

Technical details about CVE-2025-69027 are not publicly available in the provided documents. Monitor for vendor advisories and updates.

5.3CVSS6.6AI score0.00043EPSS

Cvelist•added 2025/12/30 10:47 a.m.•23 views

CVE-2025-69027 WordPress Product Delivery Date for WooCommerce – Lite plugin <= 3.2.0 - Broken Access Control vulnerability

5.3CVSS0.00043EPSS

Positive Technologies•added 2025/12/30 12:0 a.m.•2 views

PT-2025-53908

Name of the Vulnerable Software and Affected Versions Product Delivery Date for WooCommerce – Lite versions through 3.2.0 Description The software contains a flaw related to incorrectly configured access control security levels, allowing unauthorized access. The issue is present in Product Delive...

6.5AI score0.00043EPSS

Exploits0References3

CNNVD•added 2025/12/30 12:0 a.m.•1 views

WordPress plugin Product Delivery Date for WooCommerce Lite 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin...

5.3CVSS5.8AI score0.00043EPSS