目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

WooCommerce 厂商漏洞列表 / CVE 中文分析 47

WooCommerce 厂商相关 47 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

WooCommerce 是 WordPress 生态中广泛使用的开源电商插件,核心用途为构建在线商店。其历史漏洞多集中于未授权访问、跨站脚本(XSS)及远程代码执行(RCE),常因输入验证不足或权限控制缺陷引发。截至最新统计,已收录 47 条 CVE,涉及敏感信息泄露与文件包含风险。开发者持续通过安全更新修复缺陷,建议用户保持版本最新并遵循最小权限原则以保障交易数据安全。

Top products by WooCommerce: AutomateWoo WooCommerce Stripe Payment Gateway Product Vendors Shipping Multiple Addresses woocommerce WooCommerce Square WooCommerce Bookings Product Add-Ons WooCommerce Box Office WooCommerce Pre-Orders WooCommerce Follow-Up Emails (AutomateWoo) WooCommerce Brands woocommerce-gutenberg-products-block WooPayments: Integrated WooCommerce Payments Google for WooCommerce WooCommerce Smart Coupons WooCommerce One Page Checkout WooCommerce Shipping Per Product Canada Post Shipping Method GoCardless Woo Subscriptions WooCommerce Product Vendors Product Recommendations Bulk Stock Management WooCommerce PayPal Payments Composite Products WooCommerce Order Barcodes Returns and Warranty Requests
CVE ID标题CVSS风险等级Published
CVE-2023-32746 WordPress plugin WooCommerce Brands 跨站脚本漏洞 — WooCommerce BrandsCWE-79 6.5 Medium2023-08-30
CVE-2023-32793 WordPress plugin WooCommerce Pre-Orders 跨站脚本漏洞 — WooCommerce Pre-OrdersCWE-79 6.5 Medium2023-08-30
CVE-2023-32802 WordPress plugin WooCommerce Pre-Orders 跨站脚本漏洞 — WooCommerce Pre-OrdersCWE-79 7.1 High2023-08-30
CVE-2023-32801 WordPress plugin Composite Products 跨站脚本漏洞 — Composite ProductsCWE-79 7.1 High2023-08-30
CVE-2023-37873 WordPress plugin WooCommerce Shipping Multiple Addresses 跨站脚本漏洞 — Shipping Multiple AddressesCWE-79 7.1 High2023-08-05
CVE-2023-36514 WordPress Plugin WooCommerce Ship to Multiple Addresses 跨站请求伪造漏洞 — Shipping Multiple AddressesCWE-352 6.5 Medium2023-07-17
CVE-2023-36513 WordPress Plugin AutomateWoo 跨站请求伪造漏洞 — AutomateWooCWE-352 5.4 Medium2023-07-17
CVE-2023-36511 WordPress Plugin WooCommerce Order Barcodes 跨站请求伪造漏洞 — WooCommerce Order BarcodesCWE-352 4.3 Medium2023-07-17
CVE-2023-35880 WordPress Plugin WooCommerce Brands 跨站请求伪造漏洞 — WooCommerce BrandsCWE-352 5.4 Medium2023-07-17
CVE-2023-35917 WordPress Plugin WooCommerce PayPal Payments 跨站请求伪造漏洞 — WooCommerce PayPal PaymentsCWE-352 4.3 Medium2023-06-22
CVE-2023-35918 WordPress Plugin WooCommerce Bulk Stock Management 跨站脚本漏洞 — Bulk Stock ManagementCWE-79 7.1 High2023-06-22
CVE-2023-34000 WordPress Plugin WooCommerce Stripe Payment Gateway 安全漏洞 — WooCommerce Stripe Payment GatewayCWE-639 7.5 High2023-06-14
CVE-2023-33332 WordPress plugin WooCommerce Product Vendors 跨站脚本漏洞 — WooCommerce Product VendorsCWE-79 7.1 High2023-05-28
CVE-2023-33319 WordPress plugin WooCommerce Follow-Up Emails 跨站脚本漏洞 — WooCommerce Follow-Up Emails (AutomateWoo)CWE-79 7.1 High2023-05-28
CVE-2023-33316 WordPress plugin WooCommerce Follow-Up Emails 跨站请求伪造漏洞 — WooCommerce Follow-Up Emails (AutomateWoo)CWE-352 5.4 Medium2023-05-28
CVE-2021-32790 WordPress SQL注入漏洞 — woocommerceCWE-89 4.9 Medium2021-07-26
CVE-2021-32789 WordPress SQL注入漏洞 — woocommerce-gutenberg-products-blockCWE-89 7.5 High2021-07-26

本页汇总了 WooCommerce 厂商截至目前公开的全部 47 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。