WowStore – Store Builder & Product Blocks for WooCommerce Plugin Vulnerabilities

Coverage Snapshot

What this page helps you verify fast

This hub clusters every indexed record for WowStore – Store Builder & Product Blocks for WooCommerce so operators can quickly confirm whether a disclosed issue maps to the installed slug and version range.

Patch Visibility

5 records include a published patch path.

Severity Mix

1 critical and 1 high severity finding.

Reference Workflow

Jump from the hub into the full report when you need remediation notes, CVSS vector details, or source references.

Known Vulnerabilities

Reports for WowStore – Store Builder & Product Blocks for WooCommerce

Sorted by latest disclosure date so newly published issues surface first.

Plugin High Patched: Yes CVE-2026-2579

WowStore – Store Builder & Product Blocks for WooCommerce <= 4.4.3 - Unauthenticated SQL Injection via 'search' Parameter

The WowStore – Store Builder & Product Blocks for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the ‘search’ parameter in all versions up to, and including, 4.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation...

Published

Mar 16, 2026

Patched Release

4.4.4

Affected Versions

Versions up to 4.4.3

Next Step

Update to 4.4.4 or newer if supported.

Open Full Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2025-39571

WowStore <= 4.2.4 - Missing Authorization

The WooCommerce Builder & Gutenberg WooCommerce Blocks – WowStore plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 4.2.4. This makes it possible for authenticated attackers, with Subscr...

Published

Apr 16, 2025

Patched Release

4.2.5

Affected Versions

Versions up to 4.2.4

Next Step

Update to 4.2.5 or newer if supported.

Open Full Report Open CVE Reference

Plugin Critical Patched: Yes CVE-2024-23512

ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks <= 3.1.4 - PHP Object Injection via wopb_wishlist and wopb_compare

The ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1.4 via deserialization of untrusted input from the 'wopb_wishlist' and 'wopb_compare' cookies. This makes it possi...

Published

Jan 30, 2024

Patched Release

3.1.5

Affected Versions

Versions up to 3.1.4

Next Step

Update to 3.1.5 or newer if supported.

Open Full Report Open CVE Reference

Plugin Medium Patched: Yes CVE-2023-45271

ProductX – Gutenberg WooCommerce Blocks <= 2.7.8 - Missing Authorization via option_data_save

The ProductX – Gutenberg WooCommerce Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the option_data_save function in versions up to, and including, 2.7.8. This makes it possible for authenticated attackers, with...

Published

Oct 06, 2023

Patched Release

3.0.0

Affected Versions

Versions up to 2.7.8

Next Step

Update to 3.0.0 or newer if supported.

Open Full Report Open CVE Reference

Plugin Medium Patched: Yes

ProductX – Gutenberg WooCommerce Blocks – WooCommerce Builder, Wishlist for WooCommerce, Products Comparison, Quick View, Online Store – All in One Solution <= 2.2.5 - Multiple Cross-Site Scripting

ProductX – Gutenberg WooCommerce Blocks – WooCommerce Builder, Wishlist for WooCommerce, Products Comparison, Quick View, Online Store – All in One Solution in versions up to and including 2.2.5 is vulnerable to Cross-Site Scripting due to insufficient sanitization and output esc...

Published

May 22, 2022

Patched Release

2.2.6

Affected Versions

Versions up to 2.2.5

Next Step

Update to 2.2.6 or newer if supported.

Open Full Report

WowStore – Store Builder & Product Blocks for WooCommerce Vulnerabilities

What this page helps you verify fast

Reports for WowStore – Store Builder & Product Blocks for WooCommerce