Vulnerabilities and security researches forwoocommerce-wholesale-prices woocommerce-wholesale-prices

Jun 07, 2024

CVE, Research URL: 52d60d940aeadf2db4ad84ad458f877983f7b389
Home page URL: Security reports for Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & Mo
Application: Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & Mo
Date: -
Research Description: Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & More [woocommerce-wholesale-prices] < 2.1.5.1 WordPress Wholesale Suite Plugin <= 2.1.5 is vulnerable to Cross Site Scripting (XSS) Update the WordPress Wholesale Suite plugin to the latest available version (at least 2.1.5.1). Dave Jong discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Wholesale Suite Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 2.1.5.1.
Affected versions: max 2.1.5.1.
Status: vulnerable

CVE, Research URL: CVE-2022-41640
Home page URL: Security reports for Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & Mo
Application: Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & Mo
Date: May 09, 2023
Research Description: Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in Rymera Web Co Wholesale Suite plugin <= 2.1.5 versions.
Affected versions: max 2.1.5.1.
Status: vulnerable

CVE, Research URL: CVE-2022-34344
Home page URL: Security reports for Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & Mo
Application: Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & Mo
Date: Jan 09, 2024
Research Description: Missing Authorization vulnerability in Rymera Web Co Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & More.This issue affects Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & More: from n/a through 2.1.5.
Affected versions: max 2.1.5.1.
Status: vulnerable

Jul 14, 2024

CVE, Research URL: CVE-2024-38745
Home page URL: Security reports for Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & Mo
Application: Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & Mo
Date: Nov 01, 2024
Research Description: Missing Authorization vulnerability in Rymera Web Co Wholesale Suite allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Wholesale Suite: from n/a through 2.1.12.
Affected versions: max 2.2.0.
Status: vulnerable

Nov 10, 2025

CVE, Research URL: CVE-2025-49924
Home page URL: Security reports for Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & Mo
Application: Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & Mo
Date: Oct 22, 2025
Research Description: Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through <= 2.2.4.2.
Affected versions: max 2.2.4.2.
Status: vulnerable