Vanquish Woocommerce Customers Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Vanquish Woocommerce Customers Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2024-13343 — CVSS 8.8 (high): The WooCommerce Customers Manager plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the…
CVE-2024-0399 — CVSS 8.1 (high): The WooCommerce Customers Manager WordPress plugin before 29.7 does not properly sanitise and escape a parameter before using it in a SQL…
CVE-2024-3983 — CVSS 8.1 (high): The WooCommerce Customers Manager WordPress plugin before 30.1 does not have CSRF checks in some bulk actions, which could allow attackers…
CVE-2024-1747 — CVSS 6.5 (medium): The WooCommerce Customers Manager WordPress plugin before 30.2 does not have authorisation and CSRF in various AJAX actions, allowing any…
CVE-2024-1756 — CVSS 6.5 (medium): The WooCommerce Customers Manager WordPress plugin before 29.8 does not have authorisation and CSRF in an AJAX action, allowing any…
CVE-2024-2843 — CVSS 6.5 (medium): The WooCommerce Customers Manager WordPress plugin before 30.1 does not have CSRF checks in some places, which could allow attackers to…
CVE-2024-1743 — CVSS 5.9 (medium): The WooCommerce Customers Manager WordPress plugin before 29.8 does not sanitise and escape various parameters before outputting them back…