Lucene search
User Email Verification For WooCommerce Security Vulnerabilities
cve
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in XLPlugins User Email Verification for WooCommerce plugin <= 3.5.0...
6.1CVSS
6AI Score
0.0005EPSS
2023-09-04 10:15 AM
15
cve
The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication bypass via authenticate_user_by_email in versions up to, and including, 3.5.0. This is due to a random token generation weakness in the resend_verification_email function. This allows unauthenticated...
9.8CVSS
9.6AI Score
0.001EPSS
2023-06-03 12:15 AM
25