webtoffee
Web & CMS Pluginscommercial
Latest CVEs
The 15 most recently published vulnerabilities affecting webtoffee.
- CVE-2026-49056WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.9.4 - Sensitive Data Exposure vulnerability7.5
- CVE-2026-48971WordPress Product Import Export for WooCommerce plugin <= 2.5.6 - Broken Access Control vulnerability4.3
- CVE-2026-45438WordPress Smart Coupons for WooCommerce plugin < 2.3.0 - Broken Access Control vulnerability7.5
- CVE-2026-32441WordPress Comments Import & Export plugin <= 2.4.9 - Broken Access Control vulnerability7.7
- CVE-2026-22480WordPress Product Feed for WooCommerce plugin <= 2.3.3 - PHP Object Injection vulnerability7.2
- CVE-2025-67599WordPress WebToffee eCommerce Marketing Automation plugin <= 2.1.1 - Broken Access Control vulnerability4.3
- CVE-2025-66112WordPress Accessibility Toolkit by WebYes plugin <= 2.0.4 - Broken Access Control vulnerability4.3
- CVE-2025-66089WordPress Product Feed for WooCommerce plugin <= 2.3.1 - Broken Access Control vulnerability4.3
- CVE-2025-64382WordPress Order Export & Order Import for WooCommerce plugin <= 2.6.7 - Broken Access Control vulnerability4.3
- CVE-2025-12113Alt Text Generator AI – Auto Generate & Bulk Update Alt Texts For Images <= 1.8.3 - Missing Authorization to Authenticated (Subscriber+) API Key Deletion4.3
- CVE-2025-64358WordPress Smart Coupons for WooCommerce plugin <= 2.2.3 - Broken Access Control vulnerability4.3
- CVE-2025-49287WordPress Product Feed for WooCommerce plugin <= 2.2.8 - Broken Access Control Vulnerability4.3
- CVE-2025-3919WordPress Comments Import & Export <= 2.4.3 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting6.4
- CVE-2024-8397GDPR Cookie Consent <= 2.6.0 - Unauthenticated Stored XSS5.4
- CVE-2024-8286GDPR Cookie Consent <= 2.6.0 - Bulk Delete via CSRF6.5