In WooCommerce in all versions up to and including 2.2.9 a medium severity vulnerability CVE-2024-10852 was detected. This vulnerability allows attackers with low-level access to export plugin settings, potentially exposing sensitive data. To fix this problem, users should upgrade to the latest version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-10852
Read more E-commerceIn WooCommerce in all versions up to and including 2.2.9 a medium severity vulnerability CVE-2024-10854 was detected. This vulnerability allows attackers with low-level access to import and modify plugin settings, potentially compromising data. To fix this problem, users should upgrade to the latest version. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-10854.
Read more E-commerceIn WooCommerce versions up to and including 5.3.9 of the Laybuy Payment Extension a medium severity vulnerability CVE-2024-37203 was detected. This vulnerability allows attackers to exploit incorrectly configured access control security levels. Currently there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-37203.
Read more E-commerceIn WooCommerce Customers Order History plugin versions up to 5.2.2 a medium severity vulnerability CVE-2024-37201 was detected. This issue allows attackers to misuse access control settings. Currently, there is no fix for this vulnerability. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-37201.
Read more E-commerceIn Waitlist plugin for WooCommerce versions up to 2.6 a medium severity vulnerability CVE-2024-43134 was detected. This vulnerability allows attackers to gain unauthorized access to certain WooCommerce waitlist features by exploiting improper security settings. To fix this issue, users should upgrade Waitlist WooCommerce plugin to version 2.6.1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-43134.
Read more E-commerceIn Print Barcode Labels plugin for WooCommerce versions up to 3.4.9 a medium severity vulnerability CVE-2024-43310 was detected. This vulnerability allows attackers to gain unauthorized access to barcode printing features for WooCommerce products and orders. To fix this issue, users should upgrade Print Barcode Labels plugin for WooCommerce to version 3.4.10. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-43310.
Read more E-commerceIn WPClever WPC Frequently Bought Together plugin for WooCommerce versions up to 7.1.9 a medium severity vulnerability CVE-2024-43312 was detected. This vulnerability allows attackers to gain unauthorized access to features of the WPC Frequently Bought Together plugin for WooCommerce by exploiting weak access control settings, potentially letting them manipulate or view sensitive data related to purchased products. To fix this issue, users should upgrade WPClever WPC Frequently Bought Together plugin for WooCommerce to version 7.2.0. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-43312.
Read more E-commerceIn WooCommerce Multilingual & Multicurrency versions up to 5.3.6 a medium severity vulnerability CVE-2024-44006 was detected. This vulnerability allows attackers to exploit incorrectly configured access control security levels, potentially bypassing authorization controls. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-44006.
Read more E-commerceIn WooCommerce PDF Voucher plugin versions 4.9.4 and prior a high severity vulnerability CVE-2024-39650 was detected. This vulnerability allows missing capability checks in several functions, leading to unauthorized access. Unauthenticated attackers can exploit this to perform actions intended for admins. To fix this issue, users need to update to versions 4.9.5 or above. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-39650.
Read more E-commerce