GCVE - cpe:2.3:a:wpfactory:ean_for_woocommerce:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:wpfactory:ean_for_woocommerce:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Wpfactory (`5fbbc6ad-468c-5353-925f-7ba5e8eccdf5`)
Product	Ean For Woocommerce (`3adb84c6-30a6-5b56-8247-ffc75ae28063`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/wpcodefactory/ean-for-woocommerce`	purl2cpe	2026-06-01 10:15:08.316418

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-48249`	vulnerable	2026-06-03 15:01:34.313959	WordPress EAN for WooCommerce plugin <= 5.4.6 - Cross Site Scripting (XSS) Vulnerability MEDIUM (6.5) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory EAN for WooCommerce ean-for-woocommerce allows Stored XSS.This issue affects EAN for WooCommerce: from n/a through <= 5.4.6. Published: 2025-05-19T14:44:56.380Z Updated: 2026-04-28T16:12:53.880Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/ean-for-woocommerce/vulnerability/wordpress-ean-for-woocommerce-5-4-6-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-22673`	vulnerable	2026-06-03 14:59:41.138456	WordPress EAN Barcode Generator <= 5.3.5 - Broken Access Control vulnerability MEDIUM (4.3) Missing Authorization vulnerability in WPFactory EAN for WooCommerce ean-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EAN for WooCommerce: from n/a through <= 5.3.5. Published: 2025-03-27T14:12:44.483Z Updated: 2026-04-28T16:11:04.364Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/ean-for-woocommerce/vulnerability/wordpress-ean-barcode-generator-5-3-5-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-34370`	vulnerable	2026-06-03 14:55:53.944198	WordPress EAN for WooCommerce plugin <= 4.8.9 - Arbitrary Option Update to Privilege Escalation vulnerability HIGH (7.2) Improper Privilege Management vulnerability in WPFactory EAN for WooCommerce allows Privilege Escalation.This issue affects EAN for WooCommerce: from n/a through 4.8.9. Published: 2024-05-17T08:12:41.892Z Updated: 2026-04-28T16:09:47.908Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/ean-for-woocommerce/wordpress-ean-for-woocommerce-plugin-4-8-9-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.