Automatewoo

CVEs (5)

CVE	Sev	Risk	CVSS	Published	Description
CVE-2023-33318	Cri	0.64	9.9	Dec 20, 2023	Unrestricted Upload of File with Dangerous Type vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.40.
CVE-2023-33330	Hig	0.55	8.5	Dec 20, 2023	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50.
CVE-2023-32743	Hig	0.49	7.6	Dec 20, 2023	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 5.7.1.
CVE-2023-32745	Med	0.35	5.4	Nov 9, 2023	Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.1 versions.
CVE-2023-36513		0.00	—	Jul 17, 2023	Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.5 versions.

CVE-2023-33318CriDec 20, 2023
risk 0.64cvss 9.9epss 0.00
Unrestricted Upload of File with Dangerous Type vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.40.
CVE-2023-33330HigDec 20, 2023
risk 0.55cvss 8.5epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50.
CVE-2023-32743HigDec 20, 2023
risk 0.49cvss 7.6epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 5.7.1.
CVE-2023-32745MedNov 9, 2023
risk 0.35cvss 5.4epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.1 versions.
CVE-2023-36513Jul 17, 2023
risk 0.00cvss —epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce AutomateWoo plugin <= 5.7.5 versions.