EUVD-2021-34174

Malicious code in bioql PyPI...

CVE-2021-4347

The function updateshipmentstatusemailstatusfun in the plugin Advanced Shipment Tracking for WooCommerce in versions up to 3.2.6 is vulnerable to authenticated arbitrary options update. The function allows attackers including those at customer level to update any WordPress option in the database...

CVE-2021-4347 Advanced Shipment Tracking for WooCommerce <= 3.2.6 - Authenticated WordPress Options Change

The function updateshipmentstatusemailstatusfun in the plugin Advanced Shipment Tracking for WooCommerce in versions up to 3.2.6 is vulnerable to authenticated arbitrary options update. The function allows attackers including those at customer level to update any WordPress option in the database...

CVE-2021-4347

Summary: The WordPress plugin Advanced Shipment Tracking for WooCommerce (versions up to 3.2.6) is vulnerable due to the function update_shipment_status_email_status_fun , which allows authenticated attackers (including at customer level) to update any WordPress option in the database. The issue ...

WordPress Plugin Advanced Shipment Tracking for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in th...

PT-2023-12456 · Woocommerce · Advanced Shipment Tracking For Woocommerce

Name of the Vulnerable Software and Affected Versions: Advanced Shipment Tracking for WooCommerce versions up to 3.2.6 Description: The issue concerns the function update shipment status email status fun in the Advanced Shipment Tracking for WooCommerce plugin, which is vulnerable to authenticate...

CVE-2022-41635

Cross-Site Request Forgery CSRF vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin = 3.5.2 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin = 3.5.2 versions...

CVE-2022-41635

CVE-2022-41635 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WordPress plugin “Zorem Advanced Shipment Tracking for WooCommerce” up to version 3.5.2. The issue enables CSRF in actions related to shipment tracking settings (per Patchstack entry), with a release fix noted in ve...

PT-2023-14004 · Woocommerce · Zorem Advanced Shipment Tracking

Name of the Vulnerable Software and Affected Versions: Zorem Advanced Shipment Tracking for WooCommerce plugin versions = 3.5.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to perform unintended actions on a we...

WordPress plugin Advanced Shipment Tracking for WooCommerce 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...