Cross-Site Request Forgery (CSRF) vulnerability in QuanticEdge First Order Discount Woocommerce.This issue affects First Order Discount Woocommerce: from n/a through...
8.8CVSS
7.2AI Score
0.001EPSS
Cross-Site Request Forgery (CSRF) vulnerability in Stranger Studios Force First and Last Name as Display Name plugin <= 1.2...
8.8CVSS
7.2AI Score
0.001EPSS
The Orders functionality in the WP iCommerce WordPress plugin through 1.1.1 has an order_id parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. The feature is available to low privilege users such as...
7.2CVSS
7.2AI Score
0.001EPSS
The Target First WordPress Plugin v2.0, also previously known as Watcheezy, suffers from a critical unauthenticated stored XSS vulnerability. An attacker could change the licence key value through a POST on any URL with the 'weeWzKey' parameter that will be save as the 'weeID option and is not...
6.1CVSS
6AI Score
0.001EPSS
The transferProxy and approveProxy functions of a smart contract implementation for SmartMesh (SMT), an Ethereum ERC20 token, allow attackers to accomplish an unauthorized transfer of digital assets because replay attacks can occur with the same-named functions (with the same signatures) in other.....
7.5CVSS
7.3AI Score
0.001EPSS
Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console). Supported versions that are affected are 1.6 and 1.7. Easily exploitable vulnerability allows low privileged attacker with network access via...
8.1CVSS
7.3AI Score
0.001EPSS
Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Operations, Client Application Loader). Supported versions that are affected are 1.6 and 1.7. Easily exploitable vulnerability allows low privileged attacker with network...
5.4CVSS
5.8AI Score
0.001EPSS
Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Client Application Loader). Supported versions that are affected are 1.6 and 1.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP....
7.5CVSS
7.1AI Score
0.001EPSS
Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Operations). Supported versions that are affected are 1.6 and 1.7. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
6.5CVSS
6.7AI Score
0.001EPSS
Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Core). The supported version that is affected is 1.7.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
7.6CVSS
7.6AI Score
0.001EPSS
Vulnerability in the Oracle Hospitality Simphony First Edition Venue Management component of Oracle Hospitality Applications (subcomponent: Core). The supported version that is affected is 3.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
6.4CVSS
6.2AI Score
0.001EPSS