websafe-kb/08-threat-intel/registry/entities/woocommerce.json

{
  "entity_id": "woocommerce",
  "entity_type": "system",
  "display_name": "WooCommerce",
  "parent_entity_id": null,
  "root_system_id": "woocommerce",
  "category": "ecommerce",
  "ecosystem": "ecommerce",
  "official": true,
  "status": "cataloged",
  "history_policy": "history-full",
  "repo_url": "",
  "package_registry": "",
  "marketplace_url": "",
  "latest_version": "10.7",
  "version_scheme": "vendor",
  "latest_release_at": "2026-03-12T19:14:25Z",
  "latest_release_url": "https://developer.woocommerce.com/2026/02/16/hpos-sync-on-read-to-be-disabled-by-default-in-woocommerce-10-7/",
  "version_source_refs": [
    "https://developer.woocommerce.com/2026/02/16/hpos-sync-on-read-to-be-disabled-by-default-in-woocommerce-10-7/",
    "https://patchstack.com/database/wordpress/plugin/wc-carta-docente/vulnerability/wordpress-ilghera-carta-docente-for-woocommerce-plugin-1-5-0-authenticated-administrator-path-traversal-to-arbitrary-file-deletion-via-cert-parameter-vulnerability",
    "https://developer.woocommerce.com/2026/03/02/store-api-vulnerability-patched-in-woocommerce-5-4/",
    "https://patchstack.com/database/wordpress/plugin/reviewx/vulnerability/wordpress-reviewx-woocommerce-product-reviews-with-multi-criteria-reminder-emails-google-reviews-schema-more-plugin-2-2-10-incorrect-authorization-to-unauthenticated-information-exposure-and-data-manipulation-vulnerability",
    "https://patchstack.com/database/wordpress/plugin/reviewx/vulnerability/wordpress-reviewx-woocommerce-product-reviews-with-multi-criteria-reminder-emails-google-reviews-schema-more-plugin-2-2-12-unauthenticated-limited-remote-code-execution-vulnerability",
    "https://patchstack.com/database/wordpress/plugin/reviewx/vulnerability/wordpress-reviewx-woocommerce-product-reviews-with-multi-criteria-reminder-emails-google-reviews-schema-more-plugin-2-2-12-unauthenticated-sensitive-information-exposure-to-data-export-vulnerability",
    "https://patchstack.com/database/wordpress/plugin/reviewx/vulnerability/wordpress-reviewx-woocommerce-product-reviews-with-multi-criteria-reminder-emails-google-reviews-schema-more-plugin-2-2-12-unauthenticated-sensitive-information-exposure-vulnerability",
    "https://patchstack.com/database/wordpress/plugin/woo-product-filter/vulnerability/wordpress-product-filter-for-woocommerce-by-wbw-plugin-3-1-2-missing-authorization-to-unauthenticated-filter-data-deletion-via-truncate-table-vulnerability",
    "https://patchstack.com/database/wordpress/plugin/woo-custom-product-addons-pro/vulnerability/wordpress-woocommerce-custom-product-addons-pro-plugin-5-4-1-unauthenticated-remote-code-execution-via-custom-pricing-formula-vulnerability",
    "https://patchstack.com/database/wordpress/plugin/woocommerce-payments/vulnerability/wordpress-woopayments-plugin-10-5-1-missing-authorization-to-unauthenticated-plugin-settings-update-via-save-upe-appearance-ajax-vulnerability"
  ],
  "version_sync_status": "green",
  "security_version_count": 3,
  "last_version_synced_at": "2026-04-01T09:20:53+00:00",
  "latest_version_evidence": [
    "Woo Developer Advisories",
    "Patchstack Database"
  ],
  "catalog_source": "",
  "catalog_reason": "",
  "auto_cataloged": false,
  "last_discovered_at": "2025-04-20T01:37:25+00:00",
  "last_synced_at": "2025-04-20T01:37:25+00:00",
  "history_backfill_status": "complete",
  "latest_sync_status": "green",
  "official_source_covered": true,
  "advisory_count": 111,
  "workflow_complete_advisory_count": 111,
  "version_mapped_advisory_count": 0,
  "first_advisory_at": "2014-07-02T20:55:06+00:00",
  "latest_advisory_at": "2025-04-20T01:37:25+00:00",
  "advisory_ids": [
    "woocommerce--05da41121f",
    "woocommerce--06e151b334",
    "woocommerce--08ab0e40fd",
    "woocommerce--08ff88b89e",
    "woocommerce--1129617837",
    "woocommerce--18f94418c3",
    "woocommerce--1b2a89ca9c",
    "woocommerce--2646cca050",
    "woocommerce--2acb79d818",
    "woocommerce--30c7084831",
    "woocommerce--313be91ecc",
    "woocommerce--35d1bcc8fd",
    "woocommerce--38e031b62a",
    "woocommerce--3b3ee22bdd",
    "woocommerce--3d4415cd8c",
    "woocommerce--3f7bcf6460",
    "woocommerce--40fad2352c",
    "woocommerce--46dfa1debb",
    "woocommerce--4703641b3e",
    "woocommerce--4b8901521b",
    "woocommerce--4e5d64d078",
    "woocommerce--509829ee63",
    "woocommerce--5431e35cb9",
    "woocommerce--583e91c778",
    "woocommerce--5ea81bed02",
    "woocommerce--5ebeb363ab",
    "woocommerce--5f95d49feb",
    "woocommerce--608614d706",
    "woocommerce--61bcf00c63",
    "woocommerce--6398a77e67",
    "woocommerce--669aeb4ed9",
    "woocommerce--69fa3cd79b",
    "woocommerce--6a9eb36c09",
    "woocommerce--6c455c6050",
    "woocommerce--6f6549cea3",
    "woocommerce--6ff424270d",
    "woocommerce--7f9ac413c1",
    "woocommerce--8197f55ac4",
    "woocommerce--81f7400465",
    "woocommerce--82db1502da",
    "woocommerce--8aa1dccc64",
    "woocommerce--94b883541e",
    "woocommerce--9848665054",
    "woocommerce--9b9e3ff8e5",
    "woocommerce--9c50136dd9",
    "woocommerce--CVE-2014-4549",
    "woocommerce--CVE-2014-4558",
    "woocommerce--CVE-2014-6313",
    "woocommerce--CVE-2015-2069",
    "woocommerce--CVE-2015-2329",
    "woocommerce--CVE-2015-5065",
    "woocommerce--CVE-2016-10112",
    "woocommerce--CVE-2016-10922",
    "woocommerce--CVE-2016-10923",
    "woocommerce--CVE-2016-10935",
    "woocommerce--CVE-2017-17058",
    "woocommerce--CVE-2017-18356",
    "woocommerce--CVE-2017-18506",
    "woocommerce--CVE-2017-18592",
    "woocommerce--CVE-2018-11485",
    "woocommerce--CVE-2018-11486",
    "woocommerce--CVE-2018-11525",
    "woocommerce--CVE-2018-11579",
    "woocommerce--CVE-2018-20714",
    "woocommerce--CVE-2018-20782",
    "woocommerce--CVE-2018-20966",
    "woocommerce--CVE-2018-5316",
    "woocommerce--CVE-2018-8710",
    "woocommerce--CVE-2018-8711",
    "woocommerce--CVE-2019-1010124",
    "woocommerce--CVE-2019-11807",
    "woocommerce--CVE-2019-14774",
    "woocommerce--CVE-2019-14796",
    "woocommerce--CVE-2019-14948",
    "woocommerce--CVE-2019-14978",
    "woocommerce--CVE-2019-14979",
    "woocommerce--CVE-2019-15092",
    "woocommerce--CVE-2019-18668",
    "woocommerce--CVE-2019-18834",
    "woocommerce--CVE-2019-20891",
    "woocommerce--CVE-2019-5979",
    "woocommerce--CVE-2019-7441",
    "woocommerce--CVE-2019-9168",
    "woocommerce--CVE-2020-11727",
    "woocommerce--CVE-2020-8819",
    "woocommerce--a130ac93bb",
    "woocommerce--a72c466a05",
    "woocommerce--a89ba1be4d",
    "woocommerce--aa9bdbc2ce",
    "woocommerce--aabb0dbc7f",
    "woocommerce--ab923ae740",
    "woocommerce--ac4a14e633",
    "woocommerce--ac8969a095",
    "woocommerce--b0bcd8ad54",
    "woocommerce--b19dfd0a1c",
    "woocommerce--b213245e4b",
    "woocommerce--bc8055b458",
    "woocommerce--c4c5c5cb89",
    "woocommerce--d01b27ef60",
    "woocommerce--d3da259278",
    "woocommerce--d717626a6f",
    "woocommerce--dd8265593a",
    "woocommerce--e0fa01b204",
    "woocommerce--e2b8d0d0e4",
    "woocommerce--e8abb34bbb",
    "woocommerce--eb8448be50",
    "woocommerce--ec096f5867",
    "woocommerce--ef0c884c7a",
    "woocommerce--ef9e14861f",
    "woocommerce--f0e42669e3",
    "woocommerce--fe6541027e"
  ],
  "source_refs": [
    {
      "name": "Woo Developer Advisories",
      "url": "https://developer.woocommerce.com/",
      "kind": "html-links",
      "status": "active",
      "bucket": "official_sources",
      "official": true
    },
    {
      "name": "GitHub WooCommerce Advisories",
      "url": "https://github.com/woocommerce/woocommerce/security/advisories",
      "kind": "html-links",
      "status": "active",
      "bucket": "official_sources",
      "official": true
    },
    {
      "name": "NVD WooCommerce",
      "url": null,
      "kind": "nvd-search",
      "status": "retired",
      "bucket": "official_sources",
      "official": true
    },
    {
      "name": "OSV WooCommerce",
      "url": null,
      "kind": "osv-batch",
      "status": "active",
      "bucket": "ecosystem_sources",
      "official": false
    },
    {
      "name": "Patchstack Database",
      "url": "https://patchstack.com/database/",
      "kind": "html-links",
      "status": "active",
      "bucket": "ecosystem_sources",
      "official": false
    },
    {
      "name": "Wordfence Vulnerability Database",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/",
      "kind": "html-links",
      "status": "active",
      "bucket": "ecosystem_sources",
      "official": false
    }
  ]
}