Commerce Plugin <= 2.11.16 PHP Object Injection Vulnerability
12 August, 2025
Commerce plugin <= 2.11.16 Cross Site Scripting (XSS) Vulnerability
16 July, 2025
Commerce plugin <= 2.11.13 Arbitrary File Deletion Vulnerability
3 June, 2025
Commerce plugin <= 2.11.9 Unauthenticated Stored CrossSite Scripting via name Parameter vulnerability
11 February, 2025
Commerce plugin <= 2.9.14 Broken Access Control + CSRF vulnerability
12 April, 2024