WordPress Smart Online Order for Clover plugin <= 1.6.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by she11f in WordPress Plugin Smart Online Order for Clover versions = 1.6.0...

WordPress Smart Online Order for Clover plugin <= 1.6.0 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by she11f in WordPress Plugin Smart Online Order for Clover versions = 1.6.0...

CVE-2026-42745 WordPress Smart Online Order for Clover plugin <= 1.6.0 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Authentication Bypass.This issue affects Smart Online Order for Clover: from n/a through = 1.6.0...

CVE-2026-42746

CVE-2026-42746 concerns the WordPress Clover plugin “clover-online-orders” (Smart Online Order for Clover) with versions up to 1.6.0. The vulnerability is described as an Insertion of Sensitive Information Into Sent Data, allowing retrieval of embedded sensitive data. The provided documents indic...

CVE-2026-42745 WordPress Smart Online Order for Clover plugin <= 1.6.0 - Broken Authentication vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Authentication Bypass.This issue affects Smart Online Order for Clover: from n/a through = 1.6.0...

CVE-2026-42745

The CVE-2026-42745 entry concerns the WordPress Clover plugin ( Clover Online Orders) version &lt;= 1.6.0, where a Broken Authentication vulnerability allows bypassing authentication via an alternate path or channel. Documents consistently describe an authentication bypass affecting the Smart Onl...

CVE-2026-42746 WordPress Smart Online Order for Clover plugin <= 1.6.0 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Retrieve Embedded Sensitive Data.This issue affects Smart Online Order for Clover: from n/a through = 1.6.0...

CVE-2026-42738

The CVE-2026-42738 entry concerns the WordPress Clover-based plugin Smart Online Order for Clover (clover-online-orders), affected versions up to and including 1.6.0. A stored XSS flaw arises from improper neutralization of input during web page generation, enabling malicious input to be stored a...

CVE-2026-42738 WordPress Smart Online Order for Clover plugin <= 1.6.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Stored XSS.This issue affects Smart Online Order for Clover: from n/a through = 1.6.0...

WordPress plugin Smart Online Order for Clover 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

WordPress plugin Smart Online Order for Clover 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

CVE-2025-15635 WordPress Smart Online Order for Clover plugin <= 1.6.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Cross Site Request Forgery.This issue affects Smart Online Order for Clover: from n/a through = 1.6.0...

WordPress Smart Online Order for Clover plugin <= 1.6.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Mika in WordPress Plugin Smart Online Order for Clover versions = 1.6.0...

WordPress Smart Online Order for Clover plugin <= 1.5.6 - Missing Authorization to Authenticated (Subscriber+) Plugin Data Update vulnerability

Missing Authorization to Authenticated Subscriber+ Plugin Data Update vulnerability discovered by Lucio Sá in WordPress Plugin Smart Online Order for Clover versions = 1.5.6...

EUVD-2024-49418

Malicious code in bioql PyPI...

EUVD-2024-50190

Malicious code in bioql PyPI...

WordPress plugin Smart Online Order for Clover 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

CVE-2024-8787

The Smart Online Order for Clover plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.5.7. This makes it possible for unauthenticated attackers to inject...

CVE-2024-8787

The Smart Online Order for Clover plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.5.7. This makes it possible for unauthenticated attackers to inject...

CVE-2024-8787

CVE-2024-8787 (Smart Online Order for Clover, WordPress) is a Reflected Cross-Site Scripting vulnerability caused by improper escaping when using add_query_arg and remove_query_arg. It affects all versions up to and including 1.5.7. Unauthenticated attackers can inject arbitrary scripts into page...