Commerce plugin <= 2.11.16 Cross Site Scripting (XSS) Vulnerability
16 July, 2025
Commerce plugin <= 2.11.13 Arbitrary File Deletion Vulnerability
3 June, 2025
Commerce plugin <= 2.11.9 Unauthenticated Stored CrossSite Scripting via name Parameter vulnerability
11 February, 2025
Commerce plugin <= 2.9.14 Broken Access Control + CSRF vulnerability
12 April, 2024
Commerce plugin <= 2.9.3 SQL Injection vulnerability
21 December, 2023