VYPR

Woocommerce Blocks

by WordPress

CVEs (2)

  • CVE-2024-8393MedAug 16, 2025
    risk 0.43cvss 6.6epss 0.01

    The Woocommerce Blocks – Woolook plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.7.0 via the via the 'tab' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include…

  • CVE-2023-47777MedNov 30, 2023
    risk 0.42cvss 6.5epss 0.01

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic WooCommerce, Automattic WooCommerce Blocks allows Stored XSS.This issue affects WooCommerce: from n/a through 8.1.1; WooCommerce Blocks: from n/a through 11.1.1.