Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (221 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-63023 3 Easy Payment, Woocommerce, Wordpress 3 Payment Gateway For Paypal On Woo Commerce, Woocommerce, Wordpress 2026-04-24 5.3 Medium
Missing Authorization vulnerability in Easy Payment Payment Gateway for PayPal on WooCommerce woo-paypal-gateway allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Gateway for PayPal on WooCommerce: from n/a through <= 9.0.53.
CVE-2025-64638 3 Onpay.io, Woocommerce, Wordpress 3 For Woocommerce, Woocommerce, Wordpress 2026-04-24 5.3 Medium
Missing Authorization vulnerability in OnPay.io OnPay.io for WooCommerce onpay-io-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects OnPay.io for WooCommerce: from n/a through <= 1.0.47.
CVE-2025-60247 3 Bux, Woocommerce, Wordpress 3 Bux Woocommerce, Woocommerce, Wordpress 2026-04-24 6.5 Medium
Missing Authorization vulnerability in Bux Bux Woocommerce bux-woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bux Woocommerce: from n/a through <= 1.2.3.
CVE-2025-64267 3 Woocommerce, Wordpress, Wpswings 3 Woocommerce, Wordpress, Ultimate Points And Rewards 2026-04-24 4.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPSwings WooCommerce Ultimate Points And Rewards woocommerce-ultimate-points-and-rewards allows Retrieve Embedded Sensitive Data.This issue affects WooCommerce Ultimate Points And Rewards: from n/a through <= 2.10.2.
CVE-2025-60071 3 Don-themes, Woocommerce, Wordpress 3 Riode, Woocommerce, Wordpress 2026-04-24 8.1 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in don-themes Riode riode allows PHP Local File Inclusion.This issue affects Riode: from n/a through <= 1.6.23.
CVE-2025-60083 3 Add-ons.org, Woocommerce, Wordpress 3 Pdf Invoice Builder For Woocommerce, Woocommerce, Wordpress 2026-04-24 8.8 High
Deserialization of Untrusted Data vulnerability in add-ons.org PDF Invoice Builder for WooCommerce pdf-for-woocommerce allows Object Injection.This issue affects PDF Invoice Builder for WooCommerce: from n/a through <= 6.5.0.
CVE-2025-64222 3 Fantasticplugins, Woocommerce, Wordpress 3 Woocommerce Recover Abandoned Cart, Woocommerce, Wordpress 2026-04-24 7.5 High
Missing Authorization vulnerability in FantasticPlugins WooCommerce Recover Abandoned Cart rac allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Recover Abandoned Cart: from n/a through <= 24.6.0.
CVE-2025-68528 3 Woocommerce, Wordpress, Wpfactory 3 Woocommerce, Wordpress, Free Shipping Bar 2026-04-24 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Free Shipping Bar: Amount Left for Free Shipping for WooCommerce amount-left-free-shipping-woocommerce allows Stored XSS.This issue affects Free Shipping Bar: Amount Left for Free Shipping for WooCommerce: from n/a through <= 2.4.9.
CVE-2025-67958 3 Taxcloud, Woocommerce, Wordpress 3 Taxcloud For Woocommerce, Woocommerce, Wordpress 2026-04-24 6.5 Medium
Missing Authorization vulnerability in Taxcloud TaxCloud for WooCommerce simple-sales-tax allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TaxCloud for WooCommerce: from n/a through <= 8.3.8.
CVE-2025-68013 3 Cardpaysolutions, Woocommerce, Wordpress 3 Payment Gateway Authorize.net Cim For Woocommerce, Woocommerce, Wordpress 2026-04-24 6.5 Medium
Missing Authorization vulnerability in cardpaysolutions Payment Gateway Authorize.Net CIM for WooCommerce authnet-cim-for-woo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Gateway Authorize.Net CIM for WooCommerce: from n/a through <= 2.1.2.
CVE-2026-24606 3 Web Impian, Woocommerce, Wordpress 3 Bayarcash Woo Commerce, Woocommerce, Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in Web Impian Bayarcash WooCommerce bayarcash-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bayarcash WooCommerce: from n/a through <= 4.3.13.
CVE-2025-68994 3 Woocommerce, Wordpress, Xforwoocommerce 3 Woocommerce, Wordpress, Product Loops 2026-04-23 5.3 Medium
Missing Authorization vulnerability in XforWooCommerce Product Loops for WooCommerce product-loops allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Loops for WooCommerce: from n/a through <= 2.1.2.
CVE-2025-68993 3 Woocommerce, Wordpress, Xforwoocommerce 3 Woocommerce, Wordpress, Share, Print And Pdf Products 2026-04-23 5.3 Medium
Missing Authorization vulnerability in XforWooCommerce Share, Print and PDF Products for WooCommerce share-print-pdf-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Share, Print and PDF Products for WooCommerce: from n/a through <= 3.1.2.
CVE-2025-67945 3 Mailerlite, Woocommerce, Wordpress 3 Mailerlite, Woocommerce, Wordpress 2026-04-23 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MailerLite MailerLite – WooCommerce integration woo-mailerlite allows SQL Injection.This issue affects MailerLite – WooCommerce integration: from n/a through <= 3.1.2.
CVE-2025-67580 2 Woocommerce, Wordpress 2 Woocommerce, Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in Constant Contact Constant Contact + WooCommerce constant-contact-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Constant Contact + WooCommerce: from n/a through <= 2.4.1.
CVE-2025-66128 3 Brevo, Woocommerce, Wordpress 3 Sendinblue For Woocommerce, Woocommerce, Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in Brevo Sendinblue for WooCommerce woocommerce-sendinblue-newsletter-subscription allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sendinblue for WooCommerce: from n/a through <= 4.0.49.
CVE-2025-66114 3 Theme Funda, Woocommerce, Wordpress 3 Show Variations As Single Products Woocommerce, Woocommerce, Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in theme funda Show Variations as Single Products Woocommerce woo-show-single-variations-shop-category allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Show Variations as Single Products Woocommerce: from n/a through <= 2.0.
CVE-2025-66109 3 Octolize, Woocommerce, Wordpress 3 Cart Weight For Woocommerce, Woocommerce, Wordpress 2026-04-23 5.3 Medium
Missing Authorization vulnerability in Octolize Shipping Plugins Cart Weight for WooCommerce woo-cart-weight allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cart Weight for WooCommerce: from n/a through <= 1.9.11.
CVE-2025-66089 3 Webtoffee, Woocommerce, Wordpress 3 Product Feed For Woocommerce, Woocommerce, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in WebToffee Product Feed for WooCommerce webtoffee-product-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Feed for WooCommerce: from n/a through <= 2.3.1.
CVE-2025-66069 3 Themeisle, Woocommerce, Wordpress 3 Ppom For Woocommerce, Woocommerce, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Themeisle PPOM for WooCommerce woocommerce-product-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PPOM for WooCommerce: from n/a through <= 33.0.16.