Decorator – WooCommerce Email Customizer Security Vulnerabilities

CVE-2024-30470

Missing Authorization vulnerability in YITH YITH WooCommerce Account Funds Premium.This issue affects YITH WooCommerce Account Funds Premium: from n/a through...

CVE-2024-30470

Missing Authorization vulnerability in YITH YITH WooCommerce Account Funds Premium.This issue affects YITH WooCommerce Account Funds Premium: from n/a through...

CVE-2024-30466

Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through...

CVE-2024-30466

Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through...

CVE-2024-25929

Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX.This issue affects Product Catalog Enquiry for WooCommerce by MultiVendorX: from n/a through...

CVE-2023-34003

Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through...

CVE-2024-25929

Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX.This issue affects Product Catalog Enquiry for WooCommerce by MultiVendorX: from n/a through...

CVE-2023-34003

Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through...

CVE-2024-31267 WordPress Flexible Checkout Fields for WooCommerce plugin <= 4.1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Desk Flexible Checkout Fields for WooCommerce.This issue affects Flexible Checkout Fields for WooCommerce: from n/a through...

CVE-2024-31267 WordPress Flexible Checkout Fields for WooCommerce plugin <= 4.1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Desk Flexible Checkout Fields for WooCommerce.This issue affects Flexible Checkout Fields for WooCommerce: from n/a through...

CVE-2024-30485 WordPress Finale Lite plugin <= 2.18.0 - Subscriber+ Arbitrary Plugin Installation/Activation vulnerability

Missing Authorization vulnerability in XLPlugins Finale Lite.This issue affects Finale Lite: from n/a through...

CVE-2024-30470 WordPress YITH WooCommerce Account Funds Premium plugin <= 1.32.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in YITH YITH WooCommerce Account Funds Premium.This issue affects YITH WooCommerce Account Funds Premium: from n/a through...

CVE-2024-30470 WordPress YITH WooCommerce Account Funds Premium plugin <= 1.32.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in YITH YITH WooCommerce Account Funds Premium.This issue affects YITH WooCommerce Account Funds Premium: from n/a through...

CVE-2024-30466 WordPress WooCommerce Multilingual & Multicurrency plugin <= 5.3.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through...

CVE-2024-25929 WordPress Product Catalog Mode For Woocommerce plugin <= 5.0.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX.This issue affects Product Catalog Enquiry for WooCommerce by MultiVendorX: from n/a through...

CVE-2024-25929 WordPress Product Catalog Mode For Woocommerce plugin <= 5.0.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX.This issue affects Product Catalog Enquiry for WooCommerce by MultiVendorX: from n/a through...

CVE-2023-34003 WordPress WooCommerce Box Office plugin <= 1.1.51 - Unauthenticated Save Ticket Barcode vulnerability

Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through...

CVE-2023-34003 WordPress WooCommerce Box Office plugin <= 1.1.51 - Unauthenticated Save Ticket Barcode vulnerability

Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through...

CVE-2024-31098

Missing Authorization vulnerability in Mr.Ebabi New Order Notification for Woocommerce.This issue affects New Order Notification for Woocommerce: from n/a through...

CVE-2024-31098

Missing Authorization vulnerability in Mr.Ebabi New Order Notification for Woocommerce.This issue affects New Order Notification for Woocommerce: from n/a through...

CVE-2024-30537

Missing Authorization vulnerability in WPClever WPC Badge Management for WooCommerce.This issue affects WPC Badge Management for WooCommerce: from n/a through...

CVE-2024-30537

Missing Authorization vulnerability in WPClever WPC Badge Management for WooCommerce.This issue affects WPC Badge Management for WooCommerce: from n/a through...

CVE-2023-52232

Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before...

CVE-2023-52230

Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before...

CVE-2023-52232

Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before...

CVE-2023-52230

Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before...

CVE-2023-51494

Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through...

CVE-2023-51494

Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through...

CVE-2023-51494 WordPress WooCommerce Product Vendors plugin <= 2.2.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through...

CVE-2023-51494 WordPress WooCommerce Product Vendors plugin <= 2.2.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through...

CVE-2023-52230 WordPress Booster Plus for WooCommerce plugin < 7.1.3 - Authenticated Arbitrary WordPress Option Disclosure Vulnerability

Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before...

CVE-2023-52230 WordPress Booster Plus for WooCommerce plugin < 7.1.3 - Authenticated Arbitrary WordPress Option Disclosure Vulnerability

Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before...

CVE-2023-52232 WordPress Booster Plus for WooCommerce plugin < 7.1.2 - Authenticated Arbitrary Post/Page Deletion Vulnerability

Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before...

CVE-2023-52232 WordPress Booster Plus for WooCommerce plugin < 7.1.2 - Authenticated Arbitrary Post/Page Deletion Vulnerability

Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before...

CVE-2024-30537 WordPress WPC Badge Management for WooCommerce plugin <= 2.4.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPClever WPC Badge Management for WooCommerce.This issue affects WPC Badge Management for WooCommerce: from n/a through...

CVE-2024-30537 WordPress WPC Badge Management for WooCommerce plugin <= 2.4.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPClever WPC Badge Management for WooCommerce.This issue affects WPC Badge Management for WooCommerce: from n/a through...

CVE-2024-31098 WordPress New Order Notification for Woocommerce plugin <= 2.0.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mr.Ebabi New Order Notification for Woocommerce.This issue affects New Order Notification for Woocommerce: from n/a through...

CVE-2024-31098 WordPress New Order Notification for Woocommerce plugin <= 2.0.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mr.Ebabi New Order Notification for Woocommerce.This issue affects New Order Notification for Woocommerce: from n/a through...

Exploit for CVE-2023-22515

CVE-2023-22515 Тут описана логика эксплуатации уязвимости,...

CVE-2024-35698

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH WooCommerce Tab Manager allows Stored XSS.This issue affects YITH WooCommerce Tab Manager: from n/a through...

CVE-2024-35698

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH WooCommerce Tab Manager allows Stored XSS.This issue affects YITH WooCommerce Tab Manager: from n/a through...

CVE-2024-35698 WordPress YITH WooCommerce Tab Manager plugin <= 1.35.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH WooCommerce Tab Manager allows Stored XSS.This issue affects YITH WooCommerce Tab Manager: from n/a through...

CVE-2024-35733

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in RLDD Auto Coupons for WooCommerce allows Reflected XSS.This issue affects Auto Coupons for WooCommerce: from n/a through...

CVE-2024-35733

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in RLDD Auto Coupons for WooCommerce allows Reflected XSS.This issue affects Auto Coupons for WooCommerce: from n/a through...

CVE-2024-35730

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in realmag777 Active Products Tables for WooCommerce allows Reflected XSS.This issue affects Active Products Tables for WooCommerce: from n/a through...

CVE-2024-35730

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in realmag777 Active Products Tables for WooCommerce allows Reflected XSS.This issue affects Active Products Tables for WooCommerce: from n/a through...

CVE-2024-35730 WordPress Active Products Tables for WooCommerce plugin <= 1.0.6.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in realmag777 Active Products Tables for WooCommerce allows Reflected XSS.This issue affects Active Products Tables for WooCommerce: from n/a through...

CVE-2024-35730 WordPress Active Products Tables for WooCommerce plugin <= 1.0.6.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in realmag777 Active Products Tables for WooCommerce allows Reflected XSS.This issue affects Active Products Tables for WooCommerce: from n/a through...

CVE-2024-35733 WordPress Auto Coupons for WooCommerce plugin <= 3.0.14 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in RLDD Auto Coupons for WooCommerce allows Reflected XSS.This issue affects Auto Coupons for WooCommerce: from n/a through...

CVE-2024-5638

The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in the 'ti_customizer_notify_dismiss_recommended_plugins' AJAX action in all versions up to, and including, 0.5.1 due to insufficient input sanitization and output escaping. This makes it...