EUVD-2025-197968

The Live sales notification for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.3.39. This is due to the "getOrders" function lacking proper authorization and capability checks when the plugin is configured to display recent order...

WordPress Live sales notification for WooCommerce plugin <= 2.3.39 - Missing Authorization to Unauthenticated Customer Data Exposure vulnerability

Missing Authorization to Unauthenticated Customer Data Exposure vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Live sales notification for WooCommerce versions = 2.3.39...

CVE-2008-0658

slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service daemon crash via a modrdn operation with a NOOP LDAPXNOOPERATION control, a related issue to CVE-2007-6698...

CVE-2007-5707

CVE-2007-5707 affects OpenLDAP’s slapd prior to 2.3.39, where crafted LDAP requests with malformed objectClasses can crash slapd (DoS). Remediation referenced in advisories is upgrading to OpenLDAP 2.3.39 or newer (RHSA-2007:1038, related vendor advisories). OpenVAS/Nessus entries corroborate Ope...

PT-2007-1002 · Openldap +1 · Openldap +1

Name of the Vulnerable Software and Affected Versions: OpenLDAP versions prior to 2.3.39 OpenLDAP version 2.3.27 Description: The issue allows remote attackers to cause a denial of service slapd crash via an LDAP request with a malformed objectClasses attribute. This can lead to disruption of...