CVE-2021-32790 - Woocommerce Plugin
CVE-2021-32790
Woocommerce is an open source eCommerce plugin for WordPress. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce plugin between version 3.3.0 and 3.3.6. Malicious actors (already) having admin access, or API keys to the WooCommerce site can exploit vulnerable endpoints of `/wp-json/wc/v3/webhooks`, `/wp-json/wc/v2/webhooks` and other webhook listing API. Read-only SQL queries can be executed using this exploit, while data will not be returned, by carefully crafting `search` parameter information can be disclosed using timing and related attacks. Version 3.3.6 is the earliest version of Woocommerce with a patch for this vulnerability. There are no known workarounds other than upgrading.
CVE-2021-32790
MEDIUM
CVSS 4.9
Published 2021-07-26
Updated 2024-11-21
AI Risk Elevated (71/100)
Active Exploit: Likely
Published Exploit: Public exploit references found
Priority: P3 Priority
Severity Band
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Affected Components
1
Reference Links
2
AI Risk Engine
Elevated (71/100)
Exploitability
High
Active Exploitation
Likely
Published Exploit Status
Public exploit references found
AI Context
Machine-generated threat intelligence
AI
Updated 4 days ago
AI enriched 4 days ago (2026-04-12 03:05 UTC)
Technical Summary
Woocommerce is an open source eCommerce plugin for WordPress. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce plugin between version 3.3.0 and 3.3.6. Malicious actors (already) having admin access, or API keys to the WooCommerce site can exploit vulnerable endpoints of `/wp-json/wc/v3/webhooks`, `/wp-json/wc/v2/webhooks` and other webhook listing API. Read-only SQL queries can be executed using this exploit, while data will not be returned, by carefully crafting `search` parameter information can be disclosed using timing and related attacks.…
Potential Impact
Severity is MEDIUM (CVSS 4.9). Depending on deployment context, affected components may be exposed to unauthorized actions or data integrity risk.
Exploitability Assessment
Exploitability is assessed as High based on published exploit references, remote code execution potential.
Primary risk drivers: published exploit references, remote code execution potential
Mitigation Recommendations
Validate affected product versions, prioritize patching, and monitor references for vendor remediation guidance. If immediate patching is not possible, apply compensating controls and limit exposure of vulnerable surfaces.
Detection & Monitoring
Track authentication anomalies, unexpected file writes, and suspicious plugin API activity around affected components.
Business Impact Lens
AI risk score 71/100 (Elevated, High) with priority P3 Priority. Prioritize remediation where affected components process customer data, admin sessions, or Internet-exposed workflows.
