Sixteen XforWooCommerce Add-On Plugins for WordPress are vulnerable to authorization bypass due to a missing capability check on the wp_ajax_svx_ajax_factory function in various versions listed below. This makes it possible for authenticated attackers, with subscriber-level permissions and above, t...
8.8CVSS
8.2AI Score
0.002EPSS
The Themify β WooCommerce Product Filter plugin for WordPress is vulnerable to time-based SQL Injection via the βconditionsβ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...
9.8CVSS
9.7AI Score
0.001EPSS