Skip to main content

Ppom For Woocommerce

2 CVEs product

Monthly

CVE-2026-56050 MEDIUM This Month

Improper access control in PPOM for WooCommerce (all versions through 33.0.18) enables unauthenticated remote attackers to bypass access controls and perform unauthorized operations affecting the integrity and availability of affected WooCommerce stores. Classified under CWE-284 and confirmed as an authentication bypass by Patchstack, the flaw exposes plugin-managed product option data to manipulation or disruption without requiring any credentials. No public exploit code has been identified at time of analysis, and the vulnerability has not been added to CISA KEV.

Authentication Bypass WordPress Ppom For Woocommerce
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2019-14948 MEDIUM POC This Month

The woocommerce-product-addon plugin before 18.4 for WordPress has XSS via an import of a new meta data structure. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Ppom For Woocommerce
NVD
CVSS 3.1
5.4
EPSS
1.0%
EPSS 0% CVSS 6.5
MEDIUM This Month

Improper access control in PPOM for WooCommerce (all versions through 33.0.18) enables unauthenticated remote attackers to bypass access controls and perform unauthorized operations affecting the integrity and availability of affected WooCommerce stores. Classified under CWE-284 and confirmed as an authentication bypass by Patchstack, the flaw exposes plugin-managed product option data to manipulation or disruption without requiring any credentials. No public exploit code has been identified at time of analysis, and the vulnerability has not been added to CISA KEV.

Authentication Bypass WordPress Ppom For Woocommerce
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

The woocommerce-product-addon plugin before 18.4 for WordPress has XSS via an import of a new meta data structure. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Ppom For Woocommerce
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy