GCVE - cpe:2.3:a:woocommerce:shipping_multiple

Approved changes feed: RSS · Atom

cpe:2.3:a:woocommerce:shipping_multiple_addresses:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Woocommerce (`c7b0e075-8e70-51f0-86a8-e45639512f20`)
Product	Shipping Multiple Addresses (`62ab6346-9f9f-5ac9-98ad-7c9f0ed20f80`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-37873`	vulnerable	2026-06-03 14:52:29.550575	WordPress WooCommerce Ship to Multiple Addresses Plugin <= 3.8.5 is vulnerable to Cross Site Scripting (XSS) HIGH (7.1) Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Shipping Multiple Addresses plugin <= 3.8.5 versions. Published: 2023-08-05T22:18:45.682Z Updated: 2026-04-28T16:08:32.220Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/woocommerce-shipping-multiple-addresses/wordpress-woocommerce-ship-to-multiple-addresses-plugin-3-8-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-36514`	vulnerable	2026-06-03 14:52:26.519931	WordPress WooCommerce Ship to Multiple Addresses Plugin <= 3.8.5 is vulnerable to Cross Site Request Forgery (CSRF) MEDIUM (6.5) Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Shipping Multiple Addresses plugin <= 3.8.5 versions. Published: 2023-07-17T14:30:41.215Z Updated: 2026-04-28T16:08:31.269Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/woocommerce-shipping-multiple-addresses/wordpress-woocommerce-ship-to-multiple-addresses-plugin-3-8-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-32799`	vulnerable	2026-06-03 14:52:00.004574	WordPress WooCommerce Ship to Multiple Addresses Plugin <= 3.8.3 is vulnerable to Insecure Direct Object References (IDOR) MEDIUM (6.5) Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Shipping Multiple Addresses.This issue affects Shipping Multiple Addresses: from n/a through 3.8.3. Published: 2023-12-21T18:22:30.073Z Updated: 2026-04-28T16:08:24.413Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/woocommerce-shipping-multiple-addresses/wordpress-woocommerce-ship-to-multiple-addresses-plugin-3-8-3-insecure-direct-object-references-idor-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Shipping Multiple Addresses

PURL mappings

Vulnerability references

Contribute