WooCommerce 漏洞列表
共找到 65 个与 WooCommerce 相关的漏洞
- 2026-01-23WordPress Drag and Drop Multiple File Upload for WooCommerce dnd_codedropz_upload_wc 文件上传漏洞(CVE-2025-4403)
- POC 2026-01-16wp-woocommerce-admin-fpd: WordPress Plugin WooCommerce Admin (woocommerce-admin) Full Path Disclosure
- POC 2026-01-08CVE-2024-4455: YITH WooCommerce Ajax Search <= 2.4.0 - Cross-Site Scripting
- POC 2026-01-08wp-yith-woocommerce-wishlist-fpd: WordPress YITH WooCommerce Wishlist - Full Path Disclosure
- POC 2025-12-12wp-woocommerce-admin-fpd: WordPress Plugin WooCommerce Admin (woocommerce-admin) Full Path Disclosure
- POC 2025-12-02CVE-2022-28666: Custom Product Tabs for WooCommerce < 1.7.8 - Unauthenticated Toggle Content Setting Update
- 2025-11-14WordPress WooCommerce Designer Pro 插件 /wp-admin/admin-ajax.php wcdp_save_canvas_design_ajax 文件上传漏洞(CVE-2025-6440)
- 2025-09-19Wordpress WooCommerce Ultimate Gift Card /wp-admin/admin-ajax.php mwb_wgm_preview_mail 文件上传漏洞(CVE-2024-8425)
- POC 2025-08-01CVE-2023-2986: Abandoned Cart Lite for WooCommerce - Authentication Bypass
- POC 2025-08-01CVE-2014-4558: WooCommerce Swipe <= 2.7.1 - Cross-Site Scripting
- POC 2025-08-01CVE-2018-5316: WordPress SagePay Server Gateway for WooCommerce <1.0.9 - Cross-Site Scripting
- POC 2025-08-01CVE-2021-24169: WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting
- POC 2025-08-01CVE-2021-24300: WordPress WooCommerce <1.13.22 - Cross-Site Scripting
- POC 2025-08-01CVE-2021-24849: WCFM WooCommerce Multivendor Marketplace < 3.4.12 - SQL Injection
- POC 2025-08-01CVE-2021-24940: WordPress Persian Woocommerce <=5.8.0 - Cross-Site Scripting
- POC 2025-08-01CVE-2021-24991: WooCommerce PDF Invoices & Packing Slips WordPress Plugin < 2.10.5 - Cross-Site Scripting
- POC 2025-08-01CVE-2021-32789: WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection
- POC 2025-08-01CVE-2022-0149: WooCommerce Stored Exporter WordPress Plugin < 2.7.1 - Cross-Site Scripting
- POC 2025-08-01CVE-2022-0412: WordPress TI WooCommerce Wishlist <1.40.1 - SQL Injection
- POC 2025-08-01CVE-2022-0783: Multiple Shipping Address Woocommerce < 2.0 - SQL Injection
- POC 2025-08-01CVE-2022-0948: WordPress Order Listener for WooCommerce <3.2.2 - SQL Injection
- POC 2025-08-01CVE-2022-1020: WordPress WooCommerce <3.1.2 - Arbitrary Function Call
- POC 2025-08-01CVE-2022-1057: WordPress Pricing Deals for WooCommerce <=2.0.2.02 - SQL Injection
- POC 2025-08-01CVE-2022-1916: WordPress Active Products Tables for WooCommerce <1.0.5 - Cross-Site Scripting
- POC 2025-08-01CVE-2022-33901: WordPress MultiSafepay for WooCommerce <=4.13.1 - Arbitrary File Read
- POC 2025-08-01CVE-2022-4328: WooCommerce Checkout Field Manager < 18.0 - Arbitrary File Upload
- POC 2025-08-01CVE-2023-0942: WordPress Japanized for WooCommerce <2.5.5 - Cross-Site Scripting
- POC 2025-08-01CVE-2023-0948: WordPress Japanized for WooCommerce <2.5.8 - Cross-Site Scripting
- POC 2025-08-01CVE-2023-2256: WordPress Product Addons & Fields for WooCommerce < 32.0.7 - Cross-Site Scripting
- POC 2025-08-01CVE-2023-28121: WooCommerce Payments - Unauthorized Admin Access
- POC 2025-08-01CVE-2024-10486: Google for WooCommerce <= 2.8.6 - Information Disclosure via Publicly Accessible PHP Info File
- POC 2025-08-01CVE-2024-43917: WordPress TI WooCommerce Wishlist Plugin <= 2.8.2 - SQL Injection
- POC 2025-08-01CVE-2024-8425: WooCommerce Ultimate Gift Card ≤ 2.6.0 - Arbitrary File Upload
- POC 2025-08-01CVE-2025-1562: Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit - Broken Access Control
- POC 2025-08-01CVE-2025-1661: HUSKY – Products Filter Professional for WooCommerce <= 1.3.6.5 - Unauthenticated Local File Inclusion
- POC 2025-08-01CVE-2025-2907: Order Delivery Date Pro for WooCommerce < 12.3.1 - Arbitrary Option Update
- POC 2025-08-01CVE-2022-1020: WordPress WooCommerce <3.1.2 - Arbitrary Function Call
- POC 2025-08-01CVE-2019-25152: Abandoned Cart Lite for WooCommerce < 5.2.0 - Cross-Site Scripting
- POC 2025-08-01CVE-2020-36731: Flexible Checkout Fields for WooCommerce <= 2.3.1 - Unauthenticated Arbitrary Plugin Settings Update
- POC 2025-08-01checkout-fields-manager-xss: WordPress Checkout Fields Manager for WooCommerce <5.5.7 - Cross-Site Scripting
- POC 2025-08-01elex-woocommerce-xss: WordPress WooCommerce Google Shopping < 1.2.4 - Cross-Site Scripting
- POC 2025-08-01woocommerce-pdf-invoices-xss: WordPress WooCommerce PDF Invoices & Packing Slips <2.15.0 - Cross-Site Scripting
- POC 2025-08-01wp-smart-manager-sqli: Smart Manager for WooCommerce & WPeC <= 3.9.6 - SQL Injection
- POC 2025-08-01wp-woocommerce-email-verification: Email Verification for WooCommerce < 1.8.2 - Loose Comparison to Authentication Bypass
- POC 2025-08-01wp-woocommerce-file-download: Product Input Fields for WooCommerce < 1.2.7 - Unauthenticated File Download
- POC 2025-08-01wp-woocommerce-pdf-invoice-listing: Woocommerce - PDF Invoice Exposure
- POC 2025-08-01CVE-2021-24212: WooCommerce Help Scout - Arbitrary File Upload
- 2025-05-24(CVE-2025-5058) eMagicOne Store Manager for WooCommerce插件任意文件上传漏洞
- 2025-05-24(CVE-2025-4602)eMagicOne Store Manager for WooCommerce插件任意文件读取漏洞
- 2025-05-24(CVE-2025-4603)eMagicOne Store Manager for WooCommerce插件任意文件删除漏洞
- 2025-05-24(CVE-2025-4336) eMagicOne Store Manager for WooCommerce插件任意文件上传漏洞
- 2025-05-09(CVE-2025-4403) Drag and Drop Multiple File Upload for WooCommerce插件任意文件上传漏洞
- 2025-04-03HUSKY-WooCommerce /wp-admin/admin-ajax.php 文件包含漏洞 (CVE-2025-1661)
- 2025-02-06PDF Invoices & Packing Slips for WooCommerce 信息泄露漏洞
- 2025-01-27WordPress plugin PDF Invoices for WooCommerce + Drag and Drop Template Builder 跨站脚本漏洞
- 2025-01-27WordPress plugin WooCommerce Cloak Affiliate Links 跨站请求伪造漏洞
- 2025-01-17WordPress plugin CoDesigner WooCommerce Builder for Elementor 跨站脚本漏洞
- 2024-11-03WordPress plugin SIP Reviews Shortcode for WooCommerce SQL注入漏洞
- 2024-11-03WordPress plugin SIP Reviews Shortcode for WooCommerce SQL注入漏洞
- 2024-06-14WordPress plugin USPS Shipping for WooCommerce – Live Rates 日志信息泄露漏洞
- 2024-02-07WordPress 插件 Membership For WooCommerce CVE-2022-4395 任意文件上传漏洞
- 2023-06-08WordPress Plugin Abandoned Cart Lite for WooCommerce 安全漏洞
- 2023-06-07WordPress Plugin WooCommerce Multi Currency 安全漏洞
- 2022-10-07WordPress TI WooCommerce Wishlist plugin SQL注入漏洞(CVE-2022-0412)
- 2022-01-18WordPress 跨站请求伪造漏洞