WooDiscuz – WooCommerce Comments Security Vulnerabilities

Booster for WooCommerce < 7.1.9 - Unauthenticated Arbitrary Shortcode Execution

Description The Booster for WooCommerce plugin is vulnerable to Unauthenticated Arbitrary Shortcode Execution in versions up to, and including, 7.1.8. This allows unauthenticated attackers to execute arbitrary shortcodes. The severity and exploitability depends on what other plugins are installed.....

(RHSA-2024:2562) Important: golang security update

The golang packages provide the Go programming language compiler. Security Fix(es): golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394) golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290) golang: net/http/cookiejar:...

CVE-2024-4185

The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Email Verification and Authentication Bypass in all versions up to, and including, 2.7.4 via the use of insufficiently random activation code. This makes it possible for unauthenticated attackers to bypass the...

CVE-2024-4185

The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Email Verification and Authentication Bypass in all versions up to, and including, 2.7.4 via the use of insufficiently random activation code. This makes it possible for unauthenticated attackers to bypass the...

CVE-2024-4185

The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to Email Verification and Authentication Bypass in all versions up to, and including, 2.7.4 via the use of insufficiently random activation code. This makes it possible for unauthenticated attackers to bypass the...

(RHSA-2024:2160) Moderate: toolbox security update

Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. Security Fix(es): golang: html/template: improper handling of HTML-like comments within script contexts...

Cross-site Scripting (XSS)

knowledge-repo is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper user input validation in the post comments functionality. This allows an attacker to inject arbitrary web scripts or HTML content into the application, potentially leading to cross-site scripting (XSS)....

Email Customizer for WooCommerce | Drag and Drop Email Templates Builder < 2.6.1 - Information Exposure

Description The Email Customizer for WooCommerce | Drag and Drop Email Templates Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.0 via the prepare_preview() function. This makes it possible for unauthenticated attackers to...

RHEL 9 : golang (RHSA-2024:2562)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2562 advisory. The golang packages provide the Go programming language compiler. Security Fix(es): * golang-fips/openssl: Memory leaks in code encrypting...

Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks < 2.2.79 - Unauthenticated Sensitive Information Exposure

Description The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.78. This makes it possible for unauthenticated attackers to extract...

Important: golang security update

The golang packages provide the Go programming language compiler. Security Fix(es): golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394) golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290) golang: net/http/cookiejar:...

Important: golang security update

The golang packages provide the Go programming language compiler. Security Fix(es): golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394) golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290) golang: net/http/cookiejar:...

Moderate: toolbox security update

Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. Security Fix(es): golang: html/template: improper handling of HTML-like comments within script contexts...

Moderate: toolbox security update

Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. Security Fix(es): golang: html/template: improper handling of HTML-like comments within script contexts...

RHEL 9 : toolbox (RHSA-2024:2160)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2160 advisory. Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of...

CVE-2024-33585

Missing Authorization vulnerability in Tyche Softwares Payment Gateway Based Fees and Discounts for WooCommerce.This issue affects Payment Gateway Based Fees and Discounts for WooCommerce: from n/a through...

CVE-2024-33585

Missing Authorization vulnerability in Tyche Softwares Payment Gateway Based Fees and Discounts for WooCommerce.This issue affects Payment Gateway Based Fees and Discounts for WooCommerce: from n/a through...

CVE-2024-33585 WordPress Payment Gateway Based Fees and Discounts for WooCommerce plugin <= 2.12.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Tyche Softwares Payment Gateway Based Fees and Discounts for WooCommerce.This issue affects Payment Gateway Based Fees and Discounts for WooCommerce: from n/a through...

CVE-2024-33566

Missing Authorization vulnerability in N-Media OrderConvo allows OS Command Injection.This issue affects OrderConvo: from n/a through...

CVE-2024-33566

Missing Authorization vulnerability in N-Media OrderConvo allows OS Command Injection.This issue affects OrderConvo: from n/a through...

CVE-2024-33566 WordPress OrderConvo plugin <= 12.4 - Unauthenticated API Access to Arbitrary File Upload vulnerability

Missing Authorization vulnerability in N-Media OrderConvo allows OS Command Injection.This issue affects OrderConvo: from n/a through...

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library) < 2.0.8.3 - Authenticated (Subscriber+) Server-Side Request Forgery

Description The The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.0.8.2. This makes it possible for authenticated attackers, with subscriber-level access and...

Advanced Local Pickup for WooCommerce < 1.6.2 - Missing Authorization to Notice Dismissal

Description The Advanced Local Pickup for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the admin_notices_for_alp_pro() function in versions up to, and including, 1.6.1. This makes it possible for unauthenticated attackers.....

Sendinblue for WooCommerce < 4.0.18 - Authenticated (Editor+) Arbitrary File Download and Deletion

Description The Brevo for WooCommerce plugin for WordPress is vulnerable to arbitrary file download and deletion in all versions up to, and including, 4.0.17. This is due to the plugin not properly validating file names in the get_file_contents and delete_attachment functions. This makes it...

Where Did You Hear About Us Checkout Field for WooCommerce < 1.3.2 - Authenticated (Shop Manager+) Stored Cross-Site Scripting

Description The Where Did You Hear About Us Checkout Field for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via order meta in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for...

WooCommerce Shipping Label < 2.3.9 - Authenticated (Shop Manager+) Stored Cross-Site Scripting

Description The WooCommerce Shipping Label plugin for WordPress is vulnerable to Stored Cross-Site Scripting via settings in all versions up to, and including, 2.3.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with shop...

Fedora 40 : baresip / libre (2024-a63e807450)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-a63e807450 advisory. Baresip v3.10.1 (2024-03-12) Security Release (possible Denial of Service): A wrong or manipulated incoming RTP Timestamp can cause the baresip process...

The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library) < 2.0.8.4 - Reflected Cross-Site Scripting

Description The The Pack Elementor addons (Header Footer & WooCommerce Builder, Template Library) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 2.0.8.3 due to insufficient input sanitization and output escaping. This makes it possible...

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1454-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1454-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: sprd: fix reference leak when pm_runtime_get_sync...

RHEL 8 / 9 : OpenShift Container Platform 4.14.2 (RHSA-2023:6840)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6840 advisory. golang: net/http: insufficient sanitization of Host header (CVE-2023-29406) golang: crypto/tls: slow verification of certificate...

RHEL 8 / 9 : OpenShift Container Platform 4.14.0 (RHSA-2023:5009)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5009 advisory. golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664) kube-apiserver: Bypassing policies imposed by the...

CVE-2024-2838

The WPC Composite Products for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wooco_components[0][name]' parameter in all versions up to, and including, 7.2.7 due to insufficient input sanitization and output escaping and missing authorization on the...

CVE-2024-2838

The WPC Composite Products for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wooco_components[0][name]' parameter in all versions up to, and including, 7.2.7 due to insufficient input sanitization and output escaping and missing authorization on the...

CVE-2024-2838

The WPC Composite Products for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wooco_components[0][name]' parameter in all versions up to, and including, 7.2.7 due to insufficient input sanitization and output escaping and missing authorization on the...

Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences

Impact DoS vuln via OOM using jq in ignoreDifferences. ignoreDifferences: - group: apps kind: Deployment jqPathExpressions: - 'until(true == false; [.] + [1])' Patches A patch for this vulnerability has been released in the following Argo CD versions: v2.10.8 v2.9.13...

Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences

Impact DoS vuln via OOM using jq in ignoreDifferences. ignoreDifferences: - group: apps kind: Deployment jqPathExpressions: - 'until(true == false; [.] + [1])' Patches A patch for this vulnerability has been released in the following Argo CD versions: v2.10.8 v2.9.13...

CVE-2024-32828

Missing Authorization vulnerability in Octolize Flexible Shipping.This issue affects Flexible Shipping: from n/a through...

CVE-2024-32828

Missing Authorization vulnerability in Octolize Flexible Shipping.This issue affects Flexible Shipping: from n/a through...

CVE-2024-32828 WordPress Table Rate Shipping Method for WooCommerce by Flexible Shipping plugin <= 4.24.15 - Broken Access Control vulnerability

Missing Authorization vulnerability in Octolize Flexible Shipping.This issue affects Flexible Shipping: from n/a through...

CVE-2024-3962

The Product Addons & Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ppom_upload_file function in all versions up to, and including, 32.0.18. This makes it possible for unauthenticated attackers to upload arbitrary...

CVE-2024-3962

The Product Addons & Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ppom_upload_file function in all versions up to, and including, 32.0.18. This makes it possible for unauthenticated attackers to upload arbitrary...

CVE-2024-3962

The Product Addons & Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ppom_upload_file function in all versions up to, and including, 32.0.18. This makes it possible for unauthenticated attackers to upload arbitrary...

WPC Composite Products for WooCommerce < 7.2.8 - Authenticated (Subscriber+) Stored Cross-Site Scripting

Description The WPC Composite Products for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wooco_components[0][name]' parameter in all versions up to, and including, 7.2.7 due to insufficient input sanitization and output escaping and missing authorization on....

ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass

Impact ZITADEL provides users the possibility to use Time-based One-Time-Password (TOTP) and One-Time-Password (OTP) through SMS and Email. While ZITADEL already gives administrators the option to define a Lockout Policy with a maximum amount of failed password check attempts, there was no such...

ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass

Impact ZITADEL provides users the possibility to use Time-based One-Time-Password (TOTP) and One-Time-Password (OTP) through SMS and Email. While ZITADEL already gives administrators the option to define a Lockout Policy with a maximum amount of failed password check attempts, there was no such...

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 15, 2024 to April 21, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 209 vulnerabilities disclosed in 169...

CVE-2024-3733

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.9.15 via the ajax_load_more() , eael_woo_pagination_product_ajax(), and...

CVE-2024-3733

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.9.15 via the ajax_load_more() , eael_woo_pagination_product_ajax(), and...

CVE-2024-31266

Improper Control of Generation of Code ('Code Injection') vulnerability in AlgolPlus Advanced Order Export For WooCommerce allows Code Injection.This issue affects Advanced Order Export For WooCommerce: from n/a through...

CVE-2024-31266

Improper Control of Generation of Code ('Code Injection') vulnerability in AlgolPlus Advanced Order Export For WooCommerce allows Code Injection.This issue affects Advanced Order Export For WooCommerce: from n/a through...