Lucene search
K

24 matches found

NVD
NVD
added 2026/07/03 9:16 a.m.8 views

CVE-2026-11778

The The CURCY – Multi Currency for WooCommerce – Smoothly on WooCommerce 9.x plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.2.14. This is due to the software allowing users to execute an action that does not properly validate a value...

5.4CVSS0.00255EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/03 7:53 a.m.37 views

CVE-2026-11778 CURCY <= 2.2.14 - Unauthenticated Arbitrary Shortcode Execution via 'exchange' Parameter

The The CURCY – Multi Currency for WooCommerce – Smoothly on WooCommerce 9.x plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.2.14. This is due to the software allowing users to execute an action that does not properly validate a value...

5.4CVSS0.00255EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.15 views

PT-2026-55513

Name of the Vulnerable Software and Affected Versions The CURCY – Multi Currency for WooCommerce – Smoothly on WooCommerce 9.x versions prior to 2.2.15 Description Unauthenticated attackers can execute arbitrary shortcodes because the software fails to properly validate a value before running the...

5.4CVSS6.1AI score0.00255EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-54159

Malicious code in bioql PyPI...

7.5CVSS9.2AI score0.00373EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/16 3:45 p.m.20 views

CVE-2025-47563 WordPress CURCY plugin <= 2.3.7 - Arbitrary Shortcode Execution vulnerability

Missing Authorization vulnerability in villatheme CURCY woocommerce-multi-currency allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects CURCY: from n/a through = 2.3.7...

5.3CVSS0.00282EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/16 12:46 p.m.8 views

WordPress CURCY plugin <= 2.3.7 - Arbitrary Shortcode Execution vulnerability

Arbitrary Shortcode Execution vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin CURCY versions = 2.3.7...

5.3CVSS8.4AI score0.00282EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/03/07 7:15 a.m.13 views

CVE-2024-13320

The CURCY - WooCommerce Multi Currency - Currency Switcher plugin for WordPress is vulnerable to SQL Injection via the 'wcfilterpricemetawhere' parameter in all versions up to, and including, 2.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...

7.5CVSS0.00373EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/07 6:40 a.m.9 views

CVE-2024-13320 CURCY - WooCommerce Multi Currency - Currency Switcher <= 2.3.6 - Unauthenticated SQL Injection

The CURCY - WooCommerce Multi Currency - Currency Switcher plugin for WordPress is vulnerable to SQL Injection via the 'wcfilterpricemetawhere' parameter in all versions up to, and including, 2.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...

7.5CVSS7.8AI score0.00373EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/07 6:40 a.m.15 views

CVE-2024-13320 CURCY - WooCommerce Multi Currency - Currency Switcher <= 2.3.6 - Unauthenticated SQL Injection

The CURCY - WooCommerce Multi Currency - Currency Switcher plugin for WordPress is vulnerable to SQL Injection via the 'wcfilterpricemetawhere' parameter in all versions up to, and including, 2.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...

7.5CVSS0.00373EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/08 7:26 a.m.8 views

CVE-2024-13487

The The CURCY – Multi Currency for WooCommerce – The best free currency exchange plugin – Run smoothly on WooCommerce 9.x plugin for WordPress is vulnerable to arbitrary shortcode execution via the getproductsprice function in all versions up to, and including, 2.2.5. This is due to the software...

7.3CVSS7.6AI score0.00703EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/06 6:53 a.m.6 views

CVE-2024-13487 CURCY – Multi Currency for WooCommerce <= 2.2.5 - Unauthenticated Arbitrary Shortcode Execution via get_products_price Function

The The CURCY – Multi Currency for WooCommerce – The best free currency exchange plugin – Run smoothly on WooCommerce 9.x plugin for WordPress is vulnerable to arbitrary shortcode execution via the getproductsprice function in all versions up to, and including, 2.2.5. This is due to the software...

7.3CVSS7.7AI score0.00703EPSS
Exploits0References4
CVE
CVE
added 2025/02/06 6:53 a.m.68 views

CVE-2024-13487

CVE-2024-13487 affects CURCY – Multi Currency for WooCommerce (

7.3CVSS7.4AI score0.00703EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/02/06 12:0 a.m.4 views

WordPress plugin CURCY 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...

7.3CVSS9.2AI score0.00703EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/02/05 9:59 p.m.4 views

WordPress CURCY – Multi Currency for WooCommerce plugin <= 2.2.5 - Unauthenticated Arbitrary Shortcode Execution via get_products_price Function vulnerability

Unauthenticated Arbitrary Shortcode Execution via getproductsprice Function vulnerability discovered by mikemyers in WordPress Plugin CURCY versions = 2.2.5...

7.3CVSS7.1AI score0.00703EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/12/13 2:22 p.m.24 views

CVE-2022-46796 WordPress CURCY plugin <= 2.1.25 - Unauthenticated plugin settings change vulnerability

Missing Authorization vulnerability in VillaTheme CURCY allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CURCY: from n/a through 2.1.25...

6.5CVSS0.00637EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/17 7:12 p.m.37 views

CVE-2024-49283 WordPress CURCY plugin <= 2.2.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VillaTheme CURCY woo-multi-currency allows Reflected XSS.This issue affects CURCY: from n/a through = 2.2.3...

7.1CVSS0.00292EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/17 12:0 a.m.3 views

WordPress plugin CURCY 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6AI score0.00292EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/10/15 10:16 a.m.4 views

WordPress CURCY plugin <= 2.2.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin CURCY versions = 2.2.3...

7.1CVSS6.1AI score0.00292EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.17 views

WordPress CURCY Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS)

Software CURCY Type Plugin Vulnerable versions = 2.2.3 Fixed in 2.2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49283 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a6bd022fc477 Credits Dimas Maulana Required privilege...

7.1CVSS7AI score0.00292EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/12/21 5:20 p.m.74 views

CVE-2023-50831 WordPress CURCY Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VillaTheme CURCY – Multi Currency for WooCommerce allows Stored XSS.This issue affects CURCY – Multi Currency for WooCommerce: from n/a through 2.2.0...

6.5CVSS6.7AI score0.00517EPSS
Exploits1References1
Rows per page
Query Builder