VYPR
Vendor

Xforwoocommerce

Products
17
CVEs
5
Across products
21
Status
Private

Products

17

Recent CVEs

5
  • CVE-2024-33628HigJun 4, 2024
    risk 0.57cvss 8.8epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in XforWooCommerce allows PHP Local File Inclusion.This issue affects XforWooCommerce: from n/a through 2.0.2.

  • CVE-2021-4337HigJun 7, 2023
    risk 0.57cvss 8.8epss 0.01

    Sixteen XforWooCommerce Add-On Plugins for WordPress are vulnerable to authorization bypass due to a missing capability check on the wp_ajax_svx_ajax_factory function in various versions listed below. This makes it possible for authenticated attackers, with subscriber-level…

  • CVE-2025-8416HigOct 25, 2025
    risk 0.49cvss 7.5epss 0.00

    The Product Filter by WBW plugin for WordPress is vulnerable to SQL Injection via the 'filtersDataBackend' parameter in all versions up to, and including, 2.9.7. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the…

  • CVE-2025-68994MedDec 30, 2025
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in XforWooCommerce Product Loops for WooCommerce product-loops allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Loops for WooCommerce: from n/a through <= 2.1.2.

  • CVE-2025-68993MedDec 30, 2025
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in XforWooCommerce Share, Print and PDF Products for WooCommerce share-print-pdf-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Share, Print and PDF Products for WooCommerce: from n/a…