Facebook For Woocommerce
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Facebook For Woocommerce.
By the Year
In 2026 there have been 1 vulnerability in Facebook For Woocommerce with an average score of 4.7 out of ten. Last year, in 2025 Facebook For Woocommerce had 1 security vulnerability published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Facebook For Woocommerce in 2026 could surpass last years number. Last year, the average CVE base score was greater by 0.60
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 4.70 |
| 2025 | 1 | 5.30 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 2 | 8.80 |
It may take a day or so for new Facebook For Woocommerce vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Facebook For Woocommerce Security Vulnerabilities
Facebook for WooCommerce <3.7.0 Open Redirect (URL Redirection to Untrusted Site)
CVE-2026-49059
4.7 - Medium
- May 27, 2026
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Facebook Facebook for WooCommerce allows Phishing. This issue affects Facebook for WooCommerce: from n/a through 3.7.0.
Open Redirect
Missing Auth in Facebook for WooCommerce 3.5.7
CVE-2025-64296
5.3 - Medium
- October 29, 2025
Missing Authorization vulnerability in Facebook Facebook for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Facebook for WooCommerce: from n/a through 3.5.7.
AuthZ
The facebook-for-woocommerce plugin before 1.9.14 for WordPress has CSRF.
CVE-2019-15840
8.8 - High
- August 30, 2019
The facebook-for-woocommerce plugin before 1.9.14 for WordPress has CSRF.
Session Riding
The facebook-for-woocommerce plugin before 1.9.15 for WordPress has CSRF
CVE-2019-15841
8.8 - High
- August 30, 2019
The facebook-for-woocommerce plugin before 1.9.15 for WordPress has CSRF via ajax_woo_infobanner_post_click, ajax_woo_infobanner_post_xout, or ajax_fb_toggle_visibility.
Session Riding
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Facebook For Woocommerce or by Facebook? Click the Watch button to subscribe.
