Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
AutomatticWoocommerce

3 matches found

CVE
CVEadded 2024/04/15 5:15 a.m.2655 views

CVE-2024-1310

The WooCommerce WordPress plugin before 8.6 does not prevent users with at least the contributor role from leaking products they shouldn't have access to. (e.g. private, draft and trashed products)

4.9CVSS9.3AI score0.00228EPSS
CVE
CVEadded 2021/05/17 5:15 p.m.62 views

CVE-2021-24323

When taxes are enabled, the "Additional tax classes" field was not properly sanitised or escaped before being output back in the admin dashboard, allowing high privilege users such as admin to use XSS payloads even when the unfiltered_html is disabled

4.8CVSS4.7AI score0.00377EPSS
CVE
CVEadded 2024/04/07 6:15 p.m.60 views

CVE-2024-22155

Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.5.2.

4.3CVSS5AI score0.00227EPSS