Woo Abandoned Cart Recovery
by WordPress
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-39470 | Hig | 0.47 | 7.2 | 0.00 | Jun 15, 2026 | Shop manager Privilege Escalation in WooCommerce Cart Abandonment Recovery < 2.1.0 versions. | ||
| CVE-2021-4395 | Med | 0.28 | 4.3 | 0.00 | Jul 1, 2023 | The Abandoned Cart Recovery for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.4. This is due to missing or incorrect nonce validation on the get_items() and extra_tablenav() functions. This makes it possible… | ||
| CVE-2022-4888 | 0.00 | — | 0.00 | Jul 31, 2023 | The Checkout Fields Manager WordPress plugin before 1.0.2, Abandoned Cart Recovery WordPress plugin before 1.2.5, Custom Fields for WooCommerce WordPress plugin before 1.0.4, Custom Order Number WordPress plugin through 1.0.1, Custom Registration Forms Builder WordPress plugin… | |||
| CVE-2022-2389 | 0.00 | — | 0.00 | Aug 22, 2022 | The Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation By Autonami WordPress plugin before 2.1.2 does not have authorisation and CSRF checks in one of its AJAX action, allowing any authenticated users, such as subscriber to… |
- risk 0.47cvss 7.2epss 0.00
Shop manager Privilege Escalation in WooCommerce Cart Abandonment Recovery < 2.1.0 versions.
- risk 0.28cvss 4.3epss 0.00
The Abandoned Cart Recovery for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.4. This is due to missing or incorrect nonce validation on the get_items() and extra_tablenav() functions. This makes it possible…
- CVE-2022-4888Jul 31, 2023risk 0.00cvss —epss 0.00
The Checkout Fields Manager WordPress plugin before 1.0.2, Abandoned Cart Recovery WordPress plugin before 1.2.5, Custom Fields for WooCommerce WordPress plugin before 1.0.4, Custom Order Number WordPress plugin through 1.0.1, Custom Registration Forms Builder WordPress plugin…
- CVE-2022-2389Aug 22, 2022risk 0.00cvss —epss 0.00
The Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation By Autonami WordPress plugin before 2.1.2 does not have authorisation and CSRF checks in one of its AJAX action, allowing any authenticated users, such as subscriber to…