Commerce plugin <= 2.9.5 Authenticated (Administrator+) PHP Object Injection vulnerability
15 November, 2023
Commerce plugin <= 2.9.4 Authenticated (Subscriber+) Arbitrary File Upload vulnerability
14 November, 2023
Commerce plugin <= 2.8.21 Authenticated(level_5+) SQL Injection via get_logs vulnerability
15 September, 2023
Commerce plugin <= 2.8.10 Cross Site Scripting (XSS) vulnerability
27 January, 2023
Contributor+ Stored XSS via Shortcode vulnerability
26 December, 2022