Woocommerce Pos
by WordPress
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-52711 | Hig | 0.49 | 7.5 | — | Jun 16, 2026 | Unauthenticated Broken Access Control in WooCommerce POS <= 1.8.14 versions. | ||
| CVE-2025-48117 | Med | 0.34 | 5.3 | 0.00 | May 16, 2025 | Missing Authorization vulnerability in kilbot WooCommerce POS woocommerce-pos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce POS: from n/a through <= 1.7.8. | ||
| CVE-2024-2384 | Med | 0.28 | 4.3 | 0.00 | Mar 20, 2024 | The WooCommerce POS plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.4.11. This is due to the plugin not properly verifying the authentication and authorization of the current user This makes it possible for authenticated… |
- risk 0.49cvss 7.5epss —
Unauthenticated Broken Access Control in WooCommerce POS <= 1.8.14 versions.
- risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in kilbot WooCommerce POS woocommerce-pos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce POS: from n/a through <= 1.7.8.
- risk 0.28cvss 4.3epss 0.00
The WooCommerce POS plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.4.11. This is due to the plugin not properly verifying the authentication and authorization of the current user This makes it possible for authenticated…