WordPress Plugin: woocommerce

Vulnerabilities

2018-12-10 WooCommerce <= 3.4.5 - Authenticated Phar Deserialization fixed in version 3.4.6
2018-12-10 WooCommerce <= 3.4.5 - Authenticated Stored XSS fixed in version 3.4.6
2018-11-07 WooCommerce <= 3.4.5 - Authenticated File Deletion to Privilege Escalation fixed in version 3.4.6
2018-10-19 WooCommerce <= 3.4.5 - Authenticated Object Injection fixed in version 3.4.6
2018-08-30 WooCommerce <= 3.4.4 - Potential Object Injection fixed in version 3.4.5
2018-02-23 WooCommerce <= 3.2.3 - Authenticated PHP Object Injection fixed in version 3.2.4
2017-01-04 WooCommerce <= 2.6.8 - Authenticated Tax-Rate CSV XSS fixed in version 2.6.9
2016-09-11 WooCommerce <= 2.6.3 - Stored Cross Site Scripting (XSS) via REST API fixed in version 2.6.4
2016-07-20 WooCommerce <= 2.6.2 - Authenticated Cross-Site Scripting (XSS) fixed in version 2.6.3
2015-11-18 WooCommerce <= 2.4.8 - Authenticated Cross-Site Scripting (XSS) fixed in version 2.4.9
2015-06-10 WooCommerce 2.0.20-2.3.10 - Object Injection / XXE fixed in version 2.3.11
2015-03-13 WooCommerce 2.3 - 2.3.5 - SQL Injection fixed in version 2.3.6
2015-02-22 WooCommerce <= 2.2.10 - Cross-Site Scripting (XSS) fixed in version 2.2.11
2014-12-01 WooCommerce <= 2.2.2 - Reflected Cross-Site Scripting (XSS) fixed in version 2.2.3
2014-09-21 WooCommerce <= 2.1.12 - Reflected Cross-Site Scripting (XSS) fixed in version 2.2.3
2014-08-01 WooCommerce 2.0.17 - hide-wc-extensions-message Parameter Reflected XSS fixed in version 2.0.17
2014-08-01 WooCommerce 2.0.12 - index.php calc_shipping_state Parameter XSS fixed in version 2.0.13