Wordpress Woocommerce Vulnerabilities

Stored Cross-Site Scripting in Plus Addons for Elementor by WordPress

CVE-2025-7646

WordPressThe Plus Addons For El...6.4MEDIUM

Stored Cross-Site Scripting Vulnerability in Customer Reviews for WooCommerce by WordPress

CVE-2025-5720

WordPressCustomer Reviews For W...6.4MEDIUM

Privilege Escalation Vulnerability in Hydra Booking Plugin for WordPress

CVE-2025-7689

WordPressHydra Booking – All In...8.8HIGH

Unauthorized Data Modification in Bonanza WooCommerce Free Gifts Lite Plugin for WordPress

CVE-2025-6730

WordPressBonanza – WooCommerce ...4.3MEDIUM

Cross-Site Request Forgery in Omnishop Plugin for WordPress

CVE-2025-6214

WordPressOmnishop – Mobile Shop...6.5MEDIUM

Unauthenticated Registration Bypass in Omnishop Plugin for WordPress

CVE-2025-6215

WordPressOmnishop – Mobile Shop...5.3MEDIUM

Stored Cross-Site Scripting in Crowdfunding for WooCommerce Plugin by WordPress

CVE-2025-5767

WordPressCrowdfunding For WooCo...6.4MEDIUM

Arbitrary File Upload Vulnerability in WooCommerce Refund And Exchange by WordPress

CVE-2025-6222

WordPressWooCommerce Refund And...9.8CRITICAL

Insecure Direct Object Reference in WooCommerce Biteship Plugin for WordPress

CVE-2025-5816

WordPressPlugin Pengiriman WooC...4.3MEDIUM

Path Traversal Vulnerability in Easy Video Player by FWDesign

CVE-2025-28955

WordPressEasy Video Player Word...7.5HIGH

Arbitrary File Upload Vulnerability in Webkul Medical Prescription Attachment Plugin for WooCommerce

CVE-2025-29009

WordPressMedical Prescription A...10CRITICAL

Missing Authorization in WPFactory Product XML Feed Manager for WooCommerce

CVE-2025-30959

WordPressProduct Xml Feed Manag...6.5MEDIUM

SQL Injection Vulnerability in ELEX WooCommerce Advanced Bulk Edit Plugin

CVE-2025-47645

WordPressElex WooCommerce Advan...8.5HIGH

Access Control Flaw in WPFactory Wishlist for WooCommerce

CVE-2025-49319

WordPressWishlist For WooCommerce6.5MEDIUM

Missing Authorization Vulnerability in PW WooCommerce On Sale! by Pimwick

CVE-2025-49888

WordPressPw WooCommerce On Sale!7.1HIGH

Cross-Site Request Forgery in WP Swings Wallet System for WooCommerce

CVE-2025-54041

WordPressWallet System For WooC...4.3MEDIUM

Cross-Site Request Forgery Vulnerability in WooCommerce Google Sheet Connector by WesternDeal

CVE-2025-54030

WordPressWooCommerce Google She...4.3MEDIUM

Arbitrary File Deletion in WooCommerce Plugin by WordPress

CVE-2025-7359

WordPressCounter Live Visitors ...8.2HIGH

Stored Cross-Site Scripting in WP Event Manager Plugin by WordPress

CVE-2025-2799

WordPressWP Event Manager – Eve...4.8MEDIUM

Stored Cross-Site Scripting in WP Event Manager by a Major WordPress Vendor

CVE-2025-2800

WordPressWP Event Manager – Eve...6.1MEDIUM

Stored Cross-Site Scripting in WPC Smart Compare for WooCommerce Plugin

CVE-2025-5530

WordPressWPc Smart Compare For ...5.4MEDIUM

Unauthorized Data Modification in WCFM – Frontend Manager and WooCommerce Plugin by WordPress

CVE-2025-3780

WordPressWcfm – Frontend Manage...6.5MEDIUM

SQL Injection Vulnerability in Printcart Web to Print Product Designer for WooCommerce

CVE-2025-24780

WordPressPrintcart Web To Print...8.5HIGH

Missing Authorization Issue in Paytiko Payment Orchestration Platform for WooCommerce

CVE-2025-50032

WordPressPaytiko For WooCommerce6.5MEDIUM

Deserialization of Untrusted Data Vulnerability in WooCommerce Product Multi-Action by BestWpDeveloper

CVE-2025-49417

WordPressWooCommerce Product Mu...9.8CRITICAL

WordPress Woocommerce Vulnerabilities

Vulnerability Published:

Sort By:

1 August 2025

Stored Cross-Site Scripting in Plus Addons for Elementor by WordPress

31 July 2025

Stored Cross-Site Scripting Vulnerability in Customer Reviews for WooCommerce by WordPress

29 July 2025

Privilege Escalation Vulnerability in Hydra Booking Plugin for WordPress

Unauthorized Data Modification in Bonanza WooCommerce Free Gifts Lite Plugin for WordPress

23 July 2025

Cross-Site Request Forgery in Omnishop Plugin for WordPress

Unauthenticated Registration Bypass in Omnishop Plugin for WordPress

18 July 2025

Stored Cross-Site Scripting in Crowdfunding for WooCommerce Plugin by WordPress

Arbitrary File Upload Vulnerability in WooCommerce Refund And Exchange by WordPress

Insecure Direct Object Reference in WooCommerce Biteship Plugin for WordPress

16 July 2025

Path Traversal Vulnerability in Easy Video Player by FWDesign

Arbitrary File Upload Vulnerability in Webkul Medical Prescription Attachment Plugin for WooCommerce

Missing Authorization in WPFactory Product XML Feed Manager for WooCommerce

SQL Injection Vulnerability in ELEX WooCommerce Advanced Bulk Edit Plugin

Access Control Flaw in WPFactory Wishlist for WooCommerce

Missing Authorization Vulnerability in PW WooCommerce On Sale! by Pimwick

Cross-Site Request Forgery in WP Swings Wallet System for WooCommerce

Cross-Site Request Forgery Vulnerability in WooCommerce Google Sheet Connector by WesternDeal

Arbitrary File Deletion in WooCommerce Plugin by WordPress

Stored Cross-Site Scripting in WP Event Manager Plugin by WordPress

Stored Cross-Site Scripting in WP Event Manager by a Major WordPress Vendor

11 July 2025

Stored Cross-Site Scripting in WPC Smart Compare for WooCommerce Plugin

9 July 2025

Unauthorized Data Modification in WCFM – Frontend Manager and WooCommerce Plugin by WordPress

4 July 2025

SQL Injection Vulnerability in Printcart Web to Print Product Designer for WooCommerce

Missing Authorization Issue in Paytiko Payment Orchestration Platform for WooCommerce

Deserialization of Untrusted Data Vulnerability in WooCommerce Product Multi-Action by BestWpDeveloper