Woocommerce For Japan
by WordPress
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-47698 | Hig | 0.49 | 8.6 | 0.00 | Dec 9, 2024 | Missing Authorization vulnerability in shohei.tanaka Japanized For WooCommerce woocommerce-for-japan allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Japanized For WooCommerce: from n/a through <= 2.6.4. | ||
| CVE-2023-0948 | Med | 0.40 | 6.1 | 0.01 | May 8, 2023 | The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting | ||
| CVE-2025-48284 | Med | 0.28 | 5.4 | 0.00 | May 19, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in shohei.tanaka Japanized For WooCommerce woocommerce-for-japan allows Cross Site Request Forgery.This issue affects Japanized For WooCommerce: from n/a through <= 2.6.40. |
- risk 0.49cvss 8.6epss 0.00
Missing Authorization vulnerability in shohei.tanaka Japanized For WooCommerce woocommerce-for-japan allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Japanized For WooCommerce: from n/a through <= 2.6.4.
- risk 0.40cvss 6.1epss 0.01
The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting
- risk 0.28cvss 5.4epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in shohei.tanaka Japanized For WooCommerce woocommerce-for-japan allows Cross Site Request Forgery.This issue affects Japanized For WooCommerce: from n/a through <= 2.6.40.