Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2025-26021

Malicious code in bioql PyPI...

5.9CVSS6.5AI score0.0021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/30 6:19 p.m.2 views

CVE-2025-48358

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in everythingwp Risk Free Cash On Delivery COD - WooCommerce risk-free-cash-on-delivery-cod-woocommerce allows Stored XSS.This issue affects Risk Free Cash On Delivery COD - WooCommerce: from n/a...

5.9CVSS5.9AI score0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/28 12:37 p.m.1 views

CVE-2025-48358 WordPress Risk Free Cash On Delivery (COD) – WooCommerce plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in everythingwp Risk Free Cash On Delivery COD WooCommerce risk-free-cash-on-delivery-cod-woocommerce allows Stored XSS.This issue affects Risk Free Cash On Delivery COD WooCommerce: from n/a through ...

5.9CVSS5.2AI score0.0021EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/08/28 12:37 p.m.10 views

CVE-2025-48358

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in everythingwp Risk Free Cash On Delivery COD – WooCommerce risk-free-cash-on-delivery-cod-woocommerce allows Stored XSS.This issue affects Risk Free Cash On Delivery COD – WooCommerce: from n/a...

5.9CVSS5.2AI score0.0021EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/28 12:37 p.m.10 views

CVE-2025-48358 WordPress Risk Free Cash On Delivery (COD) – WooCommerce plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in everythingwp Risk Free Cash On Delivery COD – WooCommerce risk-free-cash-on-delivery-cod-woocommerce allows Stored XSS.This issue affects Risk Free Cash On Delivery COD – WooCommerce: from n/a...

5.9CVSS0.0021EPSS
Exploits0References1
CVE
CVE
added 2025/08/28 12:37 p.m.12 views

CVE-2025-48358

CVE-2025-48358 describes a stored cross-site scripting (XSS) vulnerability in the WordPress plugin “Risk Free Cash On Delivery (COD) – WooCommerce.” Affected: COD WooCommerce plugin versions up to 1.0.4. Root cause: improper neutralization of input during web page generation. Impact: stored XSS t...

5.9CVSS5.2AI score0.0021EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/28 12:0 a.m.3 views

WordPress plugin Risk Free Cash On Delivery (COD) – WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Risk Free Cash On Delivery COD - A...

5.9CVSS5.7AI score0.0021EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/08/20 2:16 p.m.3 views

WordPress Risk Free Cash On Delivery (COD) – WooCommerce plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Risk Free Cash On Delivery COD WooCommerce versions = 1.0.4...

5.9CVSS5.9AI score0.0021EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/03 3:45 p.m.6 views

WordPress Simple COD Fees for WooCommerce plugin <= 2.0.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Simple COD Fees for WooCommerce versions = 2.0.2...

8.8CVSS7AI score0.00351EPSS
Exploits0Affected Software1
Hacker One
Hacker One
added 2019/05/30 7:1 p.m.17 views

Automattic: Gaining unlimited bonus points on websites with WooCommerce Points and Rewards

In WooCommerce Points and Rewards plugin there is an assumption that Processing order status is only for paid orders. However, this assumption is wrong for payment gateway Cash On Delivery, which immediately changes order status to Processing on all new orders. Plugin then increases bonus points...

1.5AI score
Exploits0
Hacker One
Hacker One
added 2016/12/13 9:42 p.m.14 views

Shopify: XSS on manually entering Postal codes

Hello, I had found a XSS vulnerability in manually entering postal codes in "Advance Cash On Delivery" option which is newly launched for indians.Below is the screenshot attached. Thank You...

0.6AI score
Exploits0
Hacker One
Hacker One
added 2016/12/04 7:45 p.m.21 views

Shopify: Redirect in adding advance cash on delivery app

Hello, When you install Advance Cash on delivery App in your shop, it takes you to the url F140362 https://.myshopify.com/admin/authorizegateway/1041328?apikey=ceb1a596e2b039d02dfb5772303f6273&returnurl=https://cod.shopifyapps.com/gatewayenabled F140363 Here, returnurl can be used for redirection...

1.1AI score
Exploits0
Rows per page
Query Builder