Vulnerabilities and security researches forfacebook-for-woocommerce facebook-for-woocommerce

Jun 06, 2024

CVE, Research URL: CVE-2019-15840
Home page URL: Security reports for Facebook for WooCommerce
Application: Facebook for WooCommerce
Date: Aug 30, 2019
Research Description: The facebook-for-woocommerce plugin before 1.9.14 for WordPress has CSRF.
Affected versions: max 1.9.15.
Status: vulnerable

CVE, Research URL: CVE-2019-15841
Home page URL: Security reports for Facebook for WooCommerce
Application: Facebook for WooCommerce
Date: Aug 30, 2019
Research Description: The facebook-for-woocommerce plugin before 1.9.15 for WordPress has CSRF via ajax_woo_infobanner_post_click, ajax_woo_infobanner_post_xout, or ajax_fb_toggle_visibility.
Affected versions: max 1.9.15.
Status: vulnerable

Dec 10, 2025

CVE, Research URL: CVE-2025-64296
Home page URL: Security reports for Facebook for WooCommerce
Application: Facebook for WooCommerce
Date: Oct 29, 2025
Research Description: Missing Authorization vulnerability in Facebook Facebook for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Facebook for WooCommerce: from n/a through 3.5.7.
Affected versions: max 3.5.8.
Status: vulnerable