Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CNNVD
CNNVDadded 2025/09/05 12:0 a.m.3 views

WordPress plugin Custom WooCommerce Checkout Fields Editor Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

4.3CVSS5.7AI score0.00131EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/05/23 7:57 a.m.10 views

CVE-2024-33956

Missing Authorization vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0...

4.3CVSS5.2AI score0.00441EPSS
Exploits0References1
CVE
CVEadded 2024/05/02 11:24 a.m.49 views

CVE-2024-33956

CVE-2024-33956 is a Missing Authorization vulnerability in the Custom WooCommerce Checkout Fields Editor. Public references indicate affected software is the Custom WooCommerce Checkout Fields Editor up to version 1.3.0, with the root cause described as Missing Authorization. Public notes do not ...

4.3CVSS5.2AI score0.00441EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/05/02 12:0 a.m.4 views

PT-2024-25588 · Woocommerce · Custom Woocommerce Checkout Fields Editor

Name of the Vulnerable Software and Affected Versions: Custom WooCommerce Checkout Fields Editor versions 1.3.0 and earlier Description: A Missing Authorization issue has been identified. This issue affects the Custom WooCommerce Checkout Fields Editor, allowing potential unauthorized access...

4.3CVSS6.5AI score0.00441EPSS
Exploits0References3
WPVulnDB
WPVulnDBadded 2024/04/03 12:0 a.m.17 views

Custom WooCommerce Checkout Fields Editor < 1.3.1 - Cross-Site Request Forgery

Description The Custom WooCommerce Checkout Fields Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.0. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to perform an unauthorized...

4.3CVSS6.5AI score0.00212EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2024/03/29 4:15 p.m.11 views

CVE-2024-30518

Cross-Site Request Forgery CSRF vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0...

4.3CVSS4.6AI score0.00212EPSS
Exploits0References1
Patchstack
Patchstackadded 2024/03/28 12:0 a.m.9 views

WordPress Custom WooCommerce Checkout Fields Editor Plugin <= 1.3.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Custom WooCommerce Checkout Fields Editor Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-30518 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1753adeaf82a...

4.3CVSS6.6AI score0.00212EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2024/03/23 2:15 a.m.22 views

CVE-2024-1697

The Custom WooCommerce Checkout Fields Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the savewcfeoptions function in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.7AI score0.0043EPSS
Exploits0References3
Rows per page
Query Builder