Is your site up to date?
Outdate plugins & themes are the #1 reason sites get hacked. Don’t leave your WooCommerce store vulnerable!
Sitewide Notice WP
Plugin:Â Sitewide Notice WP
Vulnerability: Authenticated Stored XSS
Patched in Version: 2.3
Business Hours Indicator
Plugin:Â Business Hours IndicatorÂ
Vulnerability: Authenticated Stored XSS
Patched in Version: 2.3.5
Severity Score: Low
Bold Page Builder
Plugin:Â Bold Page Builder
Vulnerability: PHP Object Injection
Patched in Version: 3.1.6
Severity Score: Medium
ShareThis Dashboard for Google Analytics
Plugin:Â ShareThis Dashboard for Google Analytics
Vulnerability: Reflected Cross-Site Scripting (XSS)
Patched in Version: 2.5.2
Severity Score: High
Story Chief
Plugin:Â StoryChief
Vulnerability: Reflected Cross-Site Scripting (XSS)
Patched in Version: 1.0.31
Severity Score: High
WP LMS
Plugin:Â WP LMS
Vulnerability: Unauthenticated Arbitrary User Field Edition/Creation
Patched in Version: 1.1.5
Severity Score: Medium
VDZ Google Analytics or Google Tag Manager / GTM
Plugin:Â VDZ Google Analytics or Google Tag Manager / GTM
Vulnerability: Authenticated Stored XSS
Patched in Version: 1.6.0
Severity Score: Low
Cooked
Plugin:Â CookedÂ
Vulnerability: Unauthenticated Reflected Cross-Site Scripting (XSS)
Patched in Version: 1.7.9.1
Severity Score: Medium
Email Encoder
Plugin: Email Encoder – Protect Email Addresses
Vulnerability: Reflected Cross Site Scripting
Patched in Version: 2.1.2
Severity Score: Medium
SMS Alert Order Notifications - WooCommerce
Plugin: SMS Alert Order Notifications – WooCommerce
Vulnerability: Authenticated Cross Site Scripting
Patched in Version: 3.4.7
Severity Score: Low
HM Multiple Roles
Plugin:Â HM Multiple Roles
Vulnerability: Arbitrary Role Change
Patched in Version: 1.3
Severity Score: Critical
WP Customize Login
Plugin:Â WP Customize Login
Vulnerability: Authenticated Stored Cross-Site Scripting (XSS)
Patched in Version:Â No known fix
Severity Score: Low
User Rights Access Manager
Plugin:Â User Rights Access ManagerÂ
Vulnerability: Access Restriction Bypass
Patched in Version:Â No known fix
Severity Score: Medium
JiangQie Official Website Mini Program
Plugin:Â JiangQie Official Website Mini Program
Vulnerability: Authenticated SQL Injection
Patched in Version: 1.1.1
Severity Score: Critical
Favicon by RealFaviconGenerator
Plugin:Â Favicon by RealFaviconGeneratorÂ
Vulnerability: Reflected Cross-Site Scripting (XSS)
Patched in Version:Â No known fix
Severity Score: High
Welcart e-Commerce
Plugin:Â Welcart e-Commerce
Vulnerability: Unauthenticated Information Disclosure
Patched in Version: 2.2.8
Severity Score: High
Highlight
Plugin:Â Highlight
Vulnerability: Authenticated Stored Cross-Site Scripting
Patched in Version: 0.9.3
Severity Score: Low
Cookie Notice & Consent Banner for GDPR & CCPA Compliance
Plugin:Â Cookie Notice & Consent Banner for GDPR & CCPA Compliance
Vulnerability: Authenticated Stored XSS
Patched in Version: 1.7.2
Severity Score: Low
Pods
Plugin:Â Pods
Vulnerability: Multiple Authenticated Stored Cross-Site Scripting (XSS)
Patched in Version: 2.7.29
Severity Score: Low