WCFM – Frontend Manager for WooCommerce
WC Lovers
Developer
6.7.24
Latest version
20,000
Installations
No date
Last updated
Vulnerability history
1 present
7 fixed
5 Mitigation rules
- Broken Access Control vulnerability<= 6.7.24Dec 15, 2025
- Missing Authorization to Unauthenticated Plugin Settings Modification vulnerability<= 6.7.16Jul 8, 2025
- Insecure Direct Object Reference to Account Takeover/Privilege Escalation vulnerability<= 6.7.12Sep 25, 2024
- Cross Site Scripting (XSS) vulnerability<= 6.7.8Mar 25, 2024
- Missing Authorization vulnerability6.6.0Apr 6, 2023
- Cross-Site Request Forgery vulnerability<= 6.5.13Apr 6, 2023
- Unauthenticated SQL Injection (SQLi) vulnerability<= 6.6.1Feb 19, 2022
- SQL Injection (SQLi) vulnerability<= 6.5.11Oct 11, 2021