cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forfacebook-for-woocommerce facebook-for-woocommerce

Direction: ascending
Jun 06, 2024

Facebook for WooCommerce # CVE-2019-15840

CVE, Research URL

CVE-2019-15840

Home page URL

Security reports for Facebook for WooCommerce

Application

Facebook for WooCommerce

Date
Aug 30, 2019
Research Description
The facebook-for-woocommerce plugin before 1.9.14 for WordPress has CSRF.
Affected versions
max 1.9.15.
Status
vulnerable

Facebook for WooCommerce # CVE-2019-15841

CVE, Research URL

CVE-2019-15841

Home page URL

Security reports for Facebook for WooCommerce

Application

Facebook for WooCommerce

Date
Aug 30, 2019
Research Description
The facebook-for-woocommerce plugin before 1.9.15 for WordPress has CSRF via ajax_woo_infobanner_post_click, ajax_woo_infobanner_post_xout, or ajax_fb_toggle_visibility.
Affected versions
max 1.9.15.
Status
vulnerable
Dec 10, 2025

Facebook for WooCommerce # CVE-2025-64296

CVE, Research URL

CVE-2025-64296

Home page URL

Security reports for Facebook for WooCommerce

Application

Facebook for WooCommerce

Date
Oct 29, 2025
Research Description
Missing Authorization vulnerability in Facebook Facebook for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Facebook for WooCommerce: from n/a through 3.5.7.
Affected versions
max 3.5.8.
Status
vulnerable
May 26, 2026

Facebook for WooCommerce # PSC-2026-64659

PSC, Research URL

PSC-2026-64659

Home page URL

Security reports for Facebook for WooCommerce

Application

Facebook for WooCommerce

Date
May 26, 2026
Research Description
Commerce integrations expand a WordPress site beyond local content management into external advertising, catalog synchronization, tracking pixels, conversion APIs, and customer communication channels. That integration layer is powerful, but it also increases exposure around tokens, product metadata, order-related events, tracking configuration, and administrator onboarding flows. Meta for WooCommerce version 3.7.0 has successfully completed the CleanTalk Plugin Security Certification process and received PSC-2026-64659, confirming that the plugin was reviewed from a secure code perspective with attention to common exploitation paths for WooCommerce marketing and platform-integration plugins.
Affected versions
Min 3.7.0, max 3.7.0.
Status
SAFE & CERTIFIED