WordPress Custom WooCommerce Checkout Fields Editor plugin <= 1.3.4 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Custom WooCommerce Checkout Fields Editor versions = 1.3.4...

EUVD-2024-34536

Malicious code in bioql PyPI...

CVE-2025-58799

Cross-Site Request Forgery CSRF vulnerability in themelocation Custom WooCommerce Checkout Fields Editor add-fields-to-checkout-page-woocommerce allows Cross Site Request Forgery.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through = 1.3.4...

CVE-2025-58799

CVE-2025-58799 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WordPress plugin Custom WooCommerce Checkout Fields Editor (themelocation) up to version 1.3.4. The issue is confirmed by multiple sources in the connected documents (Patchstack, CVE records, Red Hat advisory refere...

CVE-2025-58799 WordPress Custom WooCommerce Checkout Fields Editor Plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in themelocation Custom WooCommerce Checkout Fields Editor add-fields-to-checkout-page-woocommerce allows Cross Site Request Forgery.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through = 1.3.4...

WordPress Custom WooCommerce Checkout Fields Editor Plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Custom WooCommerce Checkout Fields Editor versions = 1.3.4...

WordPress plugin Custom WooCommerce Checkout Fields Editor Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

PT-2025-36139

Name of the Vulnerable Software and Affected Versions: themelocation Custom WooCommerce Checkout Fields Editor versions through 1.3.4 Description: The software contains a Cross-Site Request Forgery CSRF flaw. This issue allows attackers to perform actions on behalf of authenticated users...

CVE-2024-30518

Cross-Site Request Forgery CSRF vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0...

CVE-2024-33956

Missing Authorization vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0...

CVE-2024-33956 WordPress Custom WooCommerce Checkout Fields Editor plugin <= 1.3.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0...

PT-2024-25588 · Woocommerce · Custom Woocommerce Checkout Fields Editor

Name of the Vulnerable Software and Affected Versions: Custom WooCommerce Checkout Fields Editor versions 1.3.0 and earlier Description: A Missing Authorization issue has been identified. This issue affects the Custom WooCommerce Checkout Fields Editor, allowing potential unauthorized access...

Custom WooCommerce Checkout Fields Editor < 1.3.1 - Cross-Site Request Forgery

Description The Custom WooCommerce Checkout Fields Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.0. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to perform an unauthorized...

CVE-2024-30518

Cross-Site Request Forgery CSRF vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0...

CVE-2024-30518

Technical details about CVE-2024-30518 are not provided in the supplied documents. The data confirms a CSRF issue in ThemeLocation Custom WooCommerce Checkout Fields Editor (versions

WordPress Custom WooCommerce Checkout Fields Editor Plugin <= 1.3.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Custom WooCommerce Checkout Fields Editor Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-30518 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1753adeaf82a...

CVE-2024-1697

The Custom WooCommerce Checkout Fields Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the savewcfeoptions function in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVE-2024-1697

The Custom WooCommerce Checkout Fields Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the savewcfeoptions function in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

WordPress Plugin Custom WooCommerce Checkout Fields Editor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2022-46864

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Umair Saleem Woocommerce Custom Checkout Fields Editor With Drag & Drop plugin = 0.1 versions...