VYPR

Woo Abandoned Cart Recovery

by WordPress

CVEs (4)

  • CVE-2026-39470HigJun 15, 2026
    risk 0.47cvss 7.2epss 0.00

    Shop manager Privilege Escalation in WooCommerce Cart Abandonment Recovery < 2.1.0 versions.

  • CVE-2021-4395MedJul 1, 2023
    risk 0.28cvss 4.3epss 0.00

    The Abandoned Cart Recovery for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.4. This is due to missing or incorrect nonce validation on the get_items() and extra_tablenav() functions. This makes it possible…

  • CVE-2022-4888Jul 31, 2023
    risk 0.00cvss epss 0.00

    The Checkout Fields Manager WordPress plugin before 1.0.2, Abandoned Cart Recovery WordPress plugin before 1.2.5, Custom Fields for WooCommerce WordPress plugin before 1.0.4, Custom Order Number WordPress plugin through 1.0.1, Custom Registration Forms Builder WordPress plugin…

  • CVE-2022-2389Aug 22, 2022
    risk 0.00cvss epss 0.00

    The Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation By Autonami WordPress plugin before 2.1.2 does not have authorisation and CSRF checks in one of its AJAX action, allowing any authenticated users, such as subscriber to…