VulnTitan VulnTitan Security command center
Plugin Vulnerability Hub
Plugin 5 known issues Latest disclosed Dec 29, 2025

Product Delivery Date for WooCommerce – Lite Vulnerabilities

Review known vulnerability records for the WordPress plugin Product Delivery Date for WooCommerce – Lite (`product-delivery-date-for-woocommerce-lite`), including severity, CVE references, affected versions, and patch status.

Recent tracked CVEs on this page include CVE-2025-69027, CVE-2024-10882 and CVE-2024-9345, so operators can jump from disclosure to patch validation without scanning the full feed first.

View on WordPress.org Back to Feed
Known Records
5
High or Critical
0
Patch Coverage
100%
Last Updated
Jan 13, 2026
Priority CVE Quick Links

Fast paths into Product Delivery Date for WooCommerce – Lite CVE reports

Start with the highest-signal CVE records for this WordPress plugin before scanning the full vulnerability feed.

Indexed CVEs
5
CVE-2024-10882 Medium 2.8.1
CVE-2024-10882 Product Delivery Date for WooCommerce – Lite Cross-Site Scripting

Product Delivery Date for WooCommerce - Lite <= 2.8.0 - Reflected Cross-Site Scripting

CVE-2024-9345 Medium 2.7.4
CVE-2024-9345 Product Delivery Date for WooCommerce – Lite Cross-Site Scripting

Product Delivery Date for WooCommerce – Lite <= 2.7.3 - Reflected Cross-Site Scripting

CVE-2024-38702 Medium 2.7.3
CVE-2024-38702 Product Delivery Date for WooCommerce – Lite Vulnerability

Product Delivery Date for WooCommerce – Lite <= 2.7.2 - Missing Authorization

CVE-2023-52210 Medium 2.7.1
CVE-2023-52210 Product Delivery Date for WooCommerce – Lite Vulnerability

Product Delivery Date for WooCommerce – Lite <= 2.7.0 - Missing Authorization

CVE-2025-69027 Medium 3.3.0
CVE-2025-69027 Product Delivery Date for WooCommerce – Lite Vulnerability

Product Delivery Date for WooCommerce – Lite <= 3.2.0 - Missing Authorization

Coverage Snapshot

What this page helps you verify fast

This hub clusters every indexed record for Product Delivery Date for WooCommerce – Lite so operators can confirm whether a disclosed issue maps to the installed slug, version range, and patch path.

Patch Visibility
5 records include a published patch path, leaving 0 with no listed safe release yet.
Severity Mix
0 critical and 0 high severity findings.
Recent CVEs
CVE-2025-69027, CVE-2024-10882 and CVE-2024-9345
Reference Workflow
Jump from the hub into the full report when you need remediation notes, exploit context, CVSS vectors, or source references.
Triage First

Open the records most likely to drive action

These recent records surface the CVE strings, patch cues, and direct report links most operators need first.

Known Vulnerabilities

Reports for Product Delivery Date for WooCommerce – Lite

Sorted by latest disclosure date so newly published issues surface first.

Plugin Medium Patched: Yes CVE-2025-69027
CVE-2025-69027: Product Delivery Date for WooCommerce – Lite <= 3.2.0 - Missing Authorization

The Product Delivery Date for WooCommerce – Lite plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 3.2.0. This makes it possible for authenticated attackers, with subscriber-level access and...

Published
Dec 29, 2025
Patched Release
3.3.0
Affected Versions
Versions up to 3.2.0
Next Step
Update to 3.3.0 or newer if supported.
Open CVE-2025-69027 Report Open CVE Reference
Plugin Medium Patched: Yes CVE-2024-10882
CVE-2024-10882: Product Delivery Date for WooCommerce - Lite <= 2.8.0 - Reflected Cross-Site Scripting

The Product Delivery Date for WooCommerce – Lite plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.8.0. This makes it possible for...

Published
Nov 12, 2024
Patched Release
2.8.1
Affected Versions
Versions up to 2.8.0
Next Step
Update to 2.8.1 or newer if supported.
Open CVE-2024-10882 Report Open CVE Reference
Plugin Medium Patched: Yes CVE-2024-9345
CVE-2024-9345: Product Delivery Date for WooCommerce – Lite <= 2.7.3 - Reflected Cross-Site Scripting

The Product Delivery Date for WooCommerce – Lite plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.7.3. This makes it possible for unauthenticated at...

Published
Oct 03, 2024
Patched Release
2.7.4
Affected Versions
Versions up to 2.7.3
Next Step
Update to 2.7.4 or newer if supported.
Open CVE-2024-9345 Report Open CVE Reference
Plugin Medium Patched: Yes CVE-2024-38702
CVE-2024-38702: Product Delivery Date for WooCommerce – Lite <= 2.7.2 - Missing Authorization

The Product Delivery Date for WooCommerce – Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the prdd_lite_update_db_check() function in versions up to, and including, 2.7.2. This makes it possible for unauthenticat...

Published
Jul 11, 2024
Patched Release
2.7.3
Affected Versions
Versions up to 2.7.2
Next Step
Update to 2.7.3 or newer if supported.
Open CVE-2024-38702 Report Open CVE Reference
Plugin Medium Patched: Yes CVE-2023-52210
CVE-2023-52210: Product Delivery Date for WooCommerce – Lite <= 2.7.0 - Missing Authorization

The Product Delivery Date for WooCommerce – Lite plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the prdd_delete_all_special_delivery() function in versions up to, and including, 2.7.0. This makes it possible for unauthenticated atta...

Published
Jan 03, 2024
Patched Release
2.7.1
Affected Versions
Versions up to 2.7.0
Next Step
Update to 2.7.1 or newer if supported.
Open CVE-2023-52210 Report Open CVE Reference