Customer Email Verification For Woocommerce
Approved changes feed: RSS · Atom
cpe:2.3:a:wpfactory:customer_email_verification_for_woocommerce:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Wpfactory (5fbbc6ad-468c-5353-925f-7ba5e8eccdf5) |
|---|---|
| Product | Customer Email Verification For Woocommerce (848bc906-3e2d-54f3-a79d-316df9299171) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/wpcodefactory/email-verification-for-woocommerce |
purl2cpe | 2026-06-01 10:15:08.256082 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-4185 |
vulnerable | 2026-06-03 14:57:14.881581 |
Customer Email Verification for WooCommerce <= 2.7.4 - Email Verification and Authentication Bypass due to Insufficient Randomness
HIGH (8.1)
The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Email Verification and Authentication Bypass in all versions up to, and including, 2.7.4 via the use of insufficiently random activation code. This makes it possible for unauthenticated attackers to bypass the email verification, and if both the "Login the user automatically after the account is verified" and "Verify account for current users" options are checked, then it potentially makes it possible for attackers to bypass authentication for other users.
Published: 2024-04-30T08:32:23.492Z
Updated: 2026-04-08T17:31:15.707Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49305 |
vulnerable | 2026-06-03 14:57:12.106757 |
WordPress Customer Email Verification for WooCommerce plugin <= 2.8.10 - SQL Injection vulnerability
CRITICAL (9.3)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPFactory Email Verification for WooCommerce emails-verification-for-woocommerce allows SQL Injection.This issue affects Email Verification for WooCommerce: from n/a through <= 2.8.10.
Published: 2024-10-17T17:25:59.239Z
Updated: 2026-04-28T16:10:24.921Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.