VYPR

Woo Product Filter

by Wpcodefactory

Source repositories

CVEs (2)

  • CVE-2025-39496CriAug 28, 2025
    risk 0.60cvss 9.3epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW WooBeWoo Product Filter Pro allows SQL Injection.This issue affects WooBeWoo Product Filter Pro: from n/a before 2.9.6.

  • CVE-2025-11269MedOct 25, 2025
    risk 0.27cvss 5.3epss 0.00

    The Product Filter by WBW plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'approveNotice' action in all versions up to, and including, 3.0.0. This makes it possible for unauthenticated attackers to update the…