Approved changes feed: RSS · Atom

cpe:2.3:a:storeapps:woocommerce_stock_manager:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorStoreapps (f3305b7b-3329-5431-b14f-1a5fac7a4755)
ProductWoocommerce Stock Manager (14fa0d28-de31-57e4-b8d9-a457f2eac028)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/musilda/woocommerce-stock-manager purl2cpe 2026-06-01 10:13:05.885277
pkg:github/wp-plugins/woocommerce-stock-manager purl2cpe 2026-06-01 10:13:05.885279

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2021-34619 vulnerable 2026-06-08 05:32:14.296462 Cross-Site Request Forgery in WooCommerce Stock Manager WordPress Plugin
HIGH (8.8)
The WooCommerce Stock Manager WordPress plugin is vulnerable to Cross-Site Request Forgery leading to Arbitrary File Upload in versions up to, and including, 2.5.7 due to missing nonce and file validation in the /woocommerce-stock-manager/trunk/admin/views/import-export.php file.
Published: 2021-07-21T11:09:37.170Z
Updated: 2024-09-16T22:35:25.662Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.