CVE-2023-6892 — CVSS 6.4 (medium): The EAN for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'alg_wc_ean_product_meta'…
CVE-2023-0062 — CVSS 5.4 (medium): The EAN for WooCommerce WordPress plugin before 4.4.3 does not validate and escape some of its shortcode attributes before outputting them…
CVE-2023-6897 — CVSS 4.3 (medium): The EAN for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.9.2…