woocommerce/woocommerce Security Advisories for 3.4.7 (4)
-
[MEDIUM] WooCommerce WordPress plugin before 6.6.0 vulnerable to stored HTML injection
PKSA-sgm3-pd55-zhds CVE-2022-2099 GHSA-jwvf-28fg-g4xg
Affected version: <6.6.0
Reported by:
GitHub -
[MEDIUM] Woocommerce Cross-site Scripting via Additional tax classes field when taxes are enabled
PKSA-5c3v-z6jw-1fgc CVE-2021-24323 GHSA-mp46-7x6q-f28m
Affected version: <5.2.0
Reported by:
GitHub -
[MEDIUM] WooCommerce Incorrect Authorization
PKSA-m2w3-cj2r-6yn5 CVE-2020-29156 GHSA-wwh8-v3j3-gxfw
Affected version: <4.7.0
Reported by:
GitHub -
[HIGH] WooCommerce Cross-Site Request Forgery (CSRF)
PKSA-drmm-wx7b-585f CVE-2019-20891 GHSA-rcmf-88p4-9wrg
Affected version: <3.6.5
Reported by:
GitHub