5 matches found
CVE-2026-2019
The Cart All In One For WooCommerce plugin for WordPress is vulnerable to Code Injection in all versions up to, and including, 1.1.21. This is due to insufficient input validation on the 'Assign page' field which is passed directly to the eval function. This makes it possible for authenticated...
CVE-2022-46806
CVE-2022-46806 affects VillaTheme Cart All In One For WooCommerce plugin ( 1.1.10 (Patchstack lists 1.1.11 as fixed). Exploitation details are not provided in the documents, and there are no confirmed in‑the‑wild exploit links within the connected documents.
CVE-2022-46806 WordPress Cart All In One For WooCommerce Plugin <= 1.1.10 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in VillaTheme Cart All In One For WooCommerce plugin = 1.1.10 leading to cart modification...
WordPress plugin Cart All In One For WooCommerce 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Cart All In One For WooCommerce Plugin <= 1.1.10 is vulnerable to Cross Site Request Forgery (CSRF)
Software Cart All In One For WooCommerce Type Plugin Vulnerable versions = 1.1.10 Fixed in 1.1.11 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-46806 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 4f842f506d26 Credits C...