12 matches found
EUVD-2025-26021
Malicious code in bioql PyPI...
CVE-2025-48358
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in everythingwp Risk Free Cash On Delivery COD - WooCommerce risk-free-cash-on-delivery-cod-woocommerce allows Stored XSS.This issue affects Risk Free Cash On Delivery COD - WooCommerce: from n/a...
CVE-2025-48358 WordPress Risk Free Cash On Delivery (COD) – WooCommerce plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in everythingwp Risk Free Cash On Delivery COD WooCommerce risk-free-cash-on-delivery-cod-woocommerce allows Stored XSS.This issue affects Risk Free Cash On Delivery COD WooCommerce: from n/a through ...
CVE-2025-48358
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in everythingwp Risk Free Cash On Delivery COD – WooCommerce risk-free-cash-on-delivery-cod-woocommerce allows Stored XSS.This issue affects Risk Free Cash On Delivery COD – WooCommerce: from n/a...
CVE-2025-48358 WordPress Risk Free Cash On Delivery (COD) – WooCommerce plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in everythingwp Risk Free Cash On Delivery COD – WooCommerce risk-free-cash-on-delivery-cod-woocommerce allows Stored XSS.This issue affects Risk Free Cash On Delivery COD – WooCommerce: from n/a...
CVE-2025-48358
CVE-2025-48358 describes a stored cross-site scripting (XSS) vulnerability in the WordPress plugin “Risk Free Cash On Delivery (COD) – WooCommerce.” Affected: COD WooCommerce plugin versions up to 1.0.4. Root cause: improper neutralization of input during web page generation. Impact: stored XSS t...
WordPress plugin Risk Free Cash On Delivery (COD) – WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Risk Free Cash On Delivery COD - A...
WordPress Risk Free Cash On Delivery (COD) – WooCommerce plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Risk Free Cash On Delivery COD WooCommerce versions = 1.0.4...
WordPress Simple COD Fees for WooCommerce plugin <= 2.0.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Simple COD Fees for WooCommerce versions = 2.0.2...
Automattic: Gaining unlimited bonus points on websites with WooCommerce Points and Rewards
In WooCommerce Points and Rewards plugin there is an assumption that Processing order status is only for paid orders. However, this assumption is wrong for payment gateway Cash On Delivery, which immediately changes order status to Processing on all new orders. Plugin then increases bonus points...
Shopify: XSS on manually entering Postal codes
Hello, I had found a XSS vulnerability in manually entering postal codes in "Advance Cash On Delivery" option which is newly launched for indians.Below is the screenshot attached. Thank You...
Shopify: Redirect in adding advance cash on delivery app
Hello, When you install Advance Cash on delivery App in your shop, it takes you to the url F140362 https://.myshopify.com/admin/authorizegateway/1041328?apikey=ceb1a596e2b039d02dfb5772303f6273&returnurl=https://cod.shopifyapps.com/gatewayenabled F140363 Here, returnurl can be used for redirection...