Vulnerabilities and security researches forwoc-open-close woc-open-close

May 09, 2025

CVE, Research URL: CVE-2025-47649
Home page URL: Security reports for Open Close WooCommerce Store – Best Business Schedules Manager
Application: Open Close WooCommerce Store – Best Business Schedules Manager
Date: May 07, 2025
Research Description: Path Traversal vulnerability in ilmosys Open Close WooCommerce Store allows PHP Local File Inclusion. This issue affects Open Close WooCommerce Store: from n/a through 4.9.5.
Affected versions: Min -, max -.
Status: vulnerable

Jun 07, 2024

CVE, Research URL: CVE-2024-32522
Home page URL: Security reports for Open Close WooCommerce Store – Best Business Schedules Manager
Application: Open Close WooCommerce Store – Best Business Schedules Manager
Date: Apr 17, 2024
Research Description: Missing Authorization vulnerability in Jaed Mosharraf & Pluginbazar Team Open Close WooCommerce Store.This issue affects Open Close WooCommerce Store: from n/a through 4.9.1.
Affected versions: Min -, max -.
Status: vulnerable

CVE, Research URL: 9b74fb5c984ecf233d3b7c119e86f14f5bcb2e5a
Home page URL: Security reports for Open Close WooCommerce Store – Best Business Schedules Manager
Application: Open Close WooCommerce Store – Best Business Schedules Manager
Date: Apr 17, 2022
Research Description: Open Close WooCommerce Store – Best Business Schedules Manager [woc-open-close] < 4.3.1 Woocommerce Open Close – Best Business Schedules Manager <= 4.3.0 - Reflected Cross-Site Scripting The Woocommerce Open Close – Best Business Schedules Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via a URL in versions up to, and including 4.3.0 due to insufficient sanitization and escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions: Min -, max -.
Status: vulnerable