UpsellWP – Upsell and Related Products Offers for WooCommerce

Vulnerabilities 2Slug checkout-upsell-and-order-bumpsLatest version 2.2.7WordPress.org →

Minimum safe version

2.2.5

Update to 2.2.5 or later to address 1 fixable vulnerability

Latest available2.2.7 ⚠ 1 vulnerability has no fix
High 7.6
2026-03-14< 2.2.5

UpsellWP – WooCommerce Upsell and Related Products Offers <= 2.2.4 - Authenticated (Shop manager+) SQL Injection

WordfenceCVE
Medium 4.3 Unfixed
2026-02-19≤ 2.2.5

CVE-2026-25419

CVEWordfence