GCVE - cpe:2.3:a:anhvnit:woocommerce_openpos:6.4.4:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:anhvnit:woocommerce_openpos:6.4.4:*:*:*:*:*:*:*

part: a version: 6.4.4 update: *

Vendor	Anhvnit (`c2d0c530-c044-5c2d-b6a8-94424b1da65f`)
Product	Woocommerce Openpos (`ecbdaaa4-7c58-553d-812d-0949092c6146`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-37935`	vulnerable	2026-06-08 06:39:48.272675	WordPress Woocommerce OpenPos plugin <= 6.4.4 - Unauthenticated Sensitive Data Exposure vulnerability HIGH (7.5) Missing Authorization vulnerability in anhvnit Woocommerce OpenPos allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Woocommerce OpenPos: from n/a through 6.4.4. Published: 2024-08-13T09:47:40.201Z Updated: 2026-04-28T16:10:02.803Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/woocommerce-openpos/wordpress-woocommerce-openpos-plugin-6-4-4-unauthenticated-sensitive-data-exposure-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-37933`	vulnerable	2026-06-08 06:39:48.262025	WordPress Woocommerce OpenPos plugin <= 6.4.4 - Unauthenticated SQL Injection vulnerability CRITICAL (9.3) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in anhvnit Woocommerce OpenPos.This issue affects Woocommerce OpenPos: from n/a through 6.4.4. Published: 2024-07-12T13:23:07.232Z Updated: 2026-04-28T16:10:03.771Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/woocommerce-openpos/wordpress-woocommerce-openpos-plugin-6-4-4-unauthenticated-sql-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-37932`	vulnerable	2026-06-08 06:39:48.260846	WordPress Woocommerce OpenPos plugin <= 6.4.4 - Unauthenticated Arbitrary File Deletion vulnerability HIGH (8.6) Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in anhvnit Woocommerce OpenPos allows File Manipulation.This issue affects Woocommerce OpenPos: from n/a through 6.4.4. Published: 2024-07-12T14:03:09.283Z Updated: 2026-04-28T16:10:02.935Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/woocommerce-openpos/wordpress-woocommerce-openpos-plugin-6-4-4-unauthenticated-arbitrary-file-deletion-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Woocommerce Openpos

PURL mappings

Vulnerability references

Contribute