Vulnerabilities and security researches forwoocommerce-stock-manager woocommerce-stock-manager

Jan 27, 2026

CVE, Research URL: CVE-2026-24365
Home page URL: Security reports for Stock Manager for WooCommerce
Application: Stock Manager for WooCommerce
Date: Jan 22, 2026
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in storeapps Stock Manager for WooCommerce woocommerce-stock-manager allows Cross Site Request Forgery.This issue affects Stock Manager for WooCommerce: from n/a through < 3.6.0.
Affected versions: max 3.6.0.
Status: vulnerable

Jun 07, 2024

CVE, Research URL: CVE-2021-34619
Home page URL: Security reports for Stock Manager for WooCommerce
Application: Stock Manager for WooCommerce
Date: Jul 21, 2021
Research Description: The WooCommerce Stock Manager WordPress plugin is vulnerable to Cross-Site Request Forgery leading to Arbitrary File Upload in versions up to, and including, 2.5.7 due to missing nonce and file validation in the /woocommerce-stock-manager/trunk/admin/views/import-export.php file.
Affected versions: max 1.0.8.
Status: vulnerable

CVE, Research URL: CVE-2023-35091
Home page URL: Security reports for Stock Manager for WooCommerce
Application: Stock Manager for WooCommerce
Date: Jul 11, 2023
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in StoreApps Stock Manager for WooCommerce plugin <= 2.10.0 versions.
Affected versions: max 2.11.0.
Status: vulnerable