Where should operators start on this Plugin hub?

Start with the priority CVE quick links, then open the full report for affected versions, remediation notes, CVSS vectors, and source references.

Plugin Vulnerability Hub

Plugin 13 known issues Latest disclosed Apr 17, 2025

Advanced Dynamic Pricing and Discount Rules for WooCommerce Vulnerabilities

Q: How many Advanced Dynamic Pricing and Discount Rules for WooCommerce vulnerabilities have patch guidance?

13 of 13 tracked Advanced Dynamic Pricing and Discount Rules for WooCommerce records include a published patch path.

Review known vulnerability records for the WordPress plugin Advanced Dynamic Pricing and Discount Rules for WooCommerce (`advanced-dynamic-pricing-for-woocommerce`), including severity, CVE references, affected versions, and patch status.

Recent tracked CVEs on this page include CVE-2025-39453, CVE-2025-24632 and CVE-2022-40203, so operators can jump from disclosure to patch validation without scanning the full feed first.

View on WordPress.org Back to Feed

Known Records

High or Critical

Patch Coverage

100%

Last Updated

Apr 21, 2025

Priority CVE Quick Links

Fast paths into Advanced Dynamic Pricing and Discount Rules for WooCommerce CVE reports

Start with the highest-signal CVE records for this WordPress plugin before scanning the full vulnerability feed.

Indexed CVEs

CVE-2022-43488 High 4.1.6

CVE-2022-43488 Advanced Dynamic Pricing and Discount Rules for WooCommerce Cross-Site Request Forgery

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - Cross-Site Request Forgery

CVE-2022-43491 High 4.1.6

CVE-2022-43491 Advanced Dynamic Pricing and Discount Rules for WooCommerce Cross-Site Request Forgery

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - Cross-Site Request Forgery

CVE-2022-38095 High 4.1.4

CVE-2022-38095 Advanced Dynamic Pricing and Discount Rules for WooCommerce Cross-Site Request Forgery

Advanced Dynamic Pricing for WooCommerce <= 4.1.3 - Cross-Site Request Forgery to Plugin Settings Update

CVE-2025-24632 Medium 4.9.1

CVE-2025-24632 Advanced Dynamic Pricing and Discount Rules for WooCommerce Cross-Site Scripting

Advanced Dynamic Pricing for WooCommerce <= 4.9.0 - Reflected Cross-Site Scripting

CVE-2022-40203 Medium 4.1.6

CVE-2022-40203 Advanced Dynamic Pricing and Discount Rules for WooCommerce Cross-Site Request Forgery

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - Cross-Site Request Forgery via handleSubmitAction function

CVE-2025-39453 Medium 4.9.5

CVE-2025-39453 Advanced Dynamic Pricing and Discount Rules for WooCommerce Cross-Site Request Forgery

Advanced Dynamic Pricing for WooCommerce <= 4.9.3 - Cross-Site Request Forgery to Settings Update

CVE-2022-40203 Medium 4.1.6

CVE-2022-40203 Advanced Dynamic Pricing and Discount Rules for WooCommerce Cross-Site Request Forgery

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - Cross-Site Request Forgery via migrateProductOnlyToCommon function

CVE-2022-40203 Medium 4.1.6

CVE-2022-40203 Advanced Dynamic Pricing and Discount Rules for WooCommerce Vulnerability

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - Missing Authorization in migrateCommonToProductOnly function

Coverage Snapshot

What this page helps you verify fast

This hub clusters every indexed record for Advanced Dynamic Pricing and Discount Rules for WooCommerce so operators can confirm whether a disclosed issue maps to the installed slug, version range, and patch path.

Patch Visibility

13 records include a published patch path, leaving 0 with no listed safe release yet.

Severity Mix

0 critical and 3 high severity findings.

Recent CVEs

CVE-2025-39453, CVE-2025-24632 and CVE-2022-40203

Reference Workflow

Jump from the hub into the full report when you need remediation notes, exploit context, CVSS vectors, or source references.

Triage First

Open the records most likely to drive action

These recent records surface the CVE strings, patch cues, and direct report links most operators need first.

CVE-2025-39453 Medium Patch path listed

CVE-2025-39453: Advanced Dynamic Pricing for WooCommerce <= 4.9.3 - Cross-Site Request Forgery to Settings Update

The Advanced Dynamic Pricing for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.9.3. This is due to missing or incorrect...

Published

Apr 17, 2025

Patch Status

4.9.5

Open CVE-2025-39453 Report

CVE-2025-24632 Medium Patch path listed

CVE-2025-24632: Advanced Dynamic Pricing for WooCommerce <= 4.9.0 - Reflected Cross-Site Scripting

The Advanced Dynamic Pricing for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 4.9.0 due to insufficient input saniti...

Published

Jan 05, 2025

Patch Status

4.9.1

Open CVE-2025-24632 Report

CVE-2022-40203 Medium Patch path listed

CVE-2022-40203: Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - Cross-Site Request Forgery via migrateProductOnlyToCommon function

The Advanced Dynamic Pricing for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.1.5. This is due to missing or incorrect non...

Published

Feb 17, 2023

Patch Status

4.1.6

Open CVE-2022-40203 Report

Known Vulnerabilities

Reports for Advanced Dynamic Pricing and Discount Rules for WooCommerce

Sorted by latest disclosure date so newly published issues surface first.

Plugin Medium Patched: Yes CVE-2025-39453

CVE-2025-39453: Advanced Dynamic Pricing for WooCommerce <= 4.9.3 - Cross-Site Request Forgery to Settings Update

The Advanced Dynamic Pricing for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.9.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to u...

Published

Apr 17, 2025

Patched Release

4.9.5

Affected Versions

Versions up to 4.9.3

Next Step

Update to 4.9.5 or newer if supported.

Open CVE-2025-39453 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2025-24632

CVE-2025-24632: Advanced Dynamic Pricing for WooCommerce <= 4.9.0 - Reflected Cross-Site Scripting

The Advanced Dynamic Pricing for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 4.9.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

Published

Jan 05, 2025

Patched Release

4.9.1

Affected Versions

Versions up to 4.9.0

Next Step

Update to 4.9.1 or newer if supported.

Open CVE-2025-24632 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2022-40203

CVE-2022-40203: Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - Cross-Site Request Forgery via migrateProductOnlyToCommon function

The Advanced Dynamic Pricing for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.1.5. This is due to missing or incorrect nonce validation on the migrateProductOnlyToCommon function. This makes it possible for unaut...

Published

Feb 17, 2023

Patched Release

4.1.6

Affected Versions

Versions up to 4.1.5

Next Step

Update to 4.1.6 or newer if supported.

Open CVE-2022-40203 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2022-40203

CVE-2022-40203: Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - Missing Authorization in migrateCommonToProductOnly function

The Advanced Dynamic Pricing for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the migrateCommonToProductOnly function in versions up to, and including, 4.1.5. This makes it possible for authenticated atta...

Published

Feb 17, 2023

Patched Release

4.1.6

Affected Versions

Versions up to 4.1.5

Next Step

Update to 4.1.6 or newer if supported.

Open CVE-2022-40203 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2022-40203

CVE-2022-40203: Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - Missing Authorization in ajaxCalculatePrice function

The Advanced Dynamic Pricing for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajaxCalculatePrice function in versions up to, and including, 4.1.5. This makes it possible for authenticated attackers with sub...

Published

Feb 17, 2023

Patched Release

4.1.6

Affected Versions

Versions up to 4.1.5

Next Step

Update to 4.1.6 or newer if supported.

Open CVE-2022-40203 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2022-40203

CVE-2022-40203: Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - Cross-Site Request Forgery via handleSubmitAction function

The Advanced Dynamic Pricing for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.1.5. This is due to missing or incorrect nonce validation on the handleSubmitAction function. This makes it possible for unauthenticat...

Published

Feb 17, 2023

Patched Release

4.1.6

Affected Versions

Versions up to 4.1.5

Next Step

Update to 4.1.6 or newer if supported.

Open CVE-2022-40203 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2022-40203

CVE-2022-40203: Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - Missing Authorization in ajaxCalculateSeveralProducts function

The Advanced Dynamic Pricing for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajaxCalculateSeveralProducts function in versions up to, and including, 4.1.5. This makes it possible for authenticated attacker...

Published

Feb 17, 2023

Patched Release

4.1.6

Affected Versions

Versions up to 4.1.5

Next Step

Update to 4.1.6 or newer if supported.

Open CVE-2022-40203 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2022-40203

CVE-2022-40203: Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - Missing Authorization in migrateProductOnlyToCommon function

The Advanced Dynamic Pricing for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the migrateProductOnlyToCommon function in versions up to, and including, 4.1.5. This makes it possible for authenticated atta...

Published

Feb 17, 2023

Patched Release

4.1.6

Affected Versions

Versions up to 4.1.5

Next Step

Update to 4.1.6 or newer if supported.

Open CVE-2022-40203 Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2022-40203

CVE-2022-40203: Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - Cross-Site Request Forgery via migrateCommonToProductOnly function

The Advanced Dynamic Pricing for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.1.5. This is due to missing or incorrect nonce validation on the migrateCommonToProductOnly function. This makes it possible for unaut...

Published

Feb 17, 2023

Patched Release

4.1.6

Affected Versions

Versions up to 4.1.5

Next Step

Update to 4.1.6 or newer if supported.

Open CVE-2022-40203 Report Open CVE Reference

Plugin High Patched: Yes CVE-2022-43488

CVE-2022-43488: Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - Cross-Site Request Forgery

The Advanced Dynamic Pricing for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.1.5. This is due to missing or incorrect nonce validation on several functions related to data migration. This makes it possible for u...

Published

Oct 30, 2022

Patched Release

4.1.6

Affected Versions

Versions up to 4.1.5

Next Step

Update to 4.1.6 or newer if supported.

Open CVE-2022-43488 Report Open CVE Reference

Plugin High Patched: Yes CVE-2022-43491

CVE-2022-43491: Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - Cross-Site Request Forgery

The Advanced Dynamic Pricing for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.1.5. This is due to missing or incorrect nonce validation on several functions such as exportCSVBulkRangesAjaxCB(). This makes it poss...

Published

Oct 26, 2022

Patched Release

4.1.6

Affected Versions

Versions up to 4.1.5

Next Step

Update to 4.1.6 or newer if supported.

Open CVE-2022-43491 Report Open CVE Reference

Plugin Medium Patched: Yes

Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - Missing Authorization

The Advanced Dynamic Pricing for WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing access control on the exportCSVBulkRangesAjaxCB() function, in addition to several other functions, in versions up to, and including, 4.1.5. This makes it poss...

Published

Oct 25, 2022

Patched Release

4.1.6

Affected Versions

Versions up to 4.1.5

Next Step

Update to 4.1.6 or newer if supported.

Open Full Report