Lucene search
K

342 matches found

OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-18490 Malicious code in discount-app-components (npm)

The package discount-app-components was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-21725 Malicious code in google-play-code-discount006 (npm)

The package google-play-code-discount006 was found to contain malicious code...

7.2AI score
Exploits0
Patchstack
Patchstack
added 2025/08/14 12:15 p.m.10 views

WordPress Dynamic Pricing With Discount Rules for WooCommerce plugin <= 4.5.9 - Arbitrary Code Execution vulnerability

Arbitrary Code Execution vulnerability discovered by tratt Patchstack Alliance in WordPress Plugin Dynamic Pricing With Discount Rules for WooCommerce versions = 4.5.9...

9.8CVSS7.1AI score0.00433EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/08 11:58 a.m.10 views

CVE-2025-49077

Cross-Site Request Forgery CSRF vulnerability in ThemeHigh Dynamic Pricing and Discount Rules discount-and-dynamic-pricing allows Cross Site Request Forgery.This issue affects Dynamic Pricing and Discount Rules: from n/a through = 2.2.9...

4.3CVSS5.9AI score0.00124EPSS
Exploits0References1
NVD
NVD
added 2025/06/06 12:15 p.m.17 views

CVE-2025-49077

Cross-Site Request Forgery CSRF vulnerability in ThemeHigh Dynamic Pricing and Discount Rules discount-and-dynamic-pricing allows Cross Site Request Forgery.This issue affects Dynamic Pricing and Discount Rules: from n/a through = 2.2.9...

4.3CVSS0.00124EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 11:18 a.m.62 views

CVE-2025-49077

CVE-2025-49077: CSRF vulnerability in WordPress plugin Dynamic Pricing and Discount Rules (versions

4.3CVSS5.9AI score0.00124EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.4 views

WordPress plugin Dynamic Pricing and Discount Rules 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in...

4.3CVSS4.8AI score0.00124EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/30 2:22 p.m.11 views

WordPress Dynamic Pricing and Discount Rules plugin <= 2.2.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by luckybuddy Patchstack Alliance in WordPress Plugin Dynamic Pricing and Discount Rules versions = 2.2.9...

4.3CVSS6.8AI score0.00124EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 10:19 a.m.8 views

CVE-2024-32722

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Coupon & Discount Code Reveal Button allows Stored XSS.This issue affects Coupon & Discount Code Reveal Button: from n/a through 1.2.5...

5.9CVSS5.2AI score0.00339EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:32 a.m.8 views

CVE-2024-0617

The Category Discount Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpcdsavediscount function in all versions up to, and including, 4.12. This makes it possible for unauthenticated attackers to modify product category...

5.3CVSS6.6AI score0.0049EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:39 p.m.5 views

CVE-2022-2090

The Discount Rules for WooCommerce WordPress plugin before 2.4.2 does not escape a parameter before outputting it back in an attribute of the plugin's discount rule page, leading to Reflected Cross-Site Scripting...

6.1CVSS6.7AI score0.00661EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:51 p.m.9 views

CVE-2022-47130

A Cross-Site Request Forgery CSRF in Academy LMS before v5.10 allows a discount coupon to be arbitrarily created if an attacker with administrative privileges interacts on the CSRF page...

4.3CVSS7.1AI score0.00617EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/05/19 2:44 p.m.7 views

CVE-2025-48248 WordPress Sitewide Discount for WooCommerce: Apply Discount to All Products plugin <= 2.2.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Sitewide Discount for WooCommerce: Apply Discount to All Products global-shop-discount-for-woocommerce allows Stored XSS.This issue affects Sitewide Discount for WooCommerce: Apply Discou...

6.5CVSS5.2AI score0.00215EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/19 2:44 p.m.16 views

CVE-2025-48248 WordPress Sitewide Discount for WooCommerce: Apply Discount to All Products plugin <= 2.2.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Sitewide Discount for WooCommerce: Apply Discount to All Products global-shop-discount-for-woocommerce allows Stored XSS.This issue affects Sitewide Discount for WooCommerce: Apply Discou...

6.5CVSS0.00215EPSS
Exploits0References1
CVE
CVE
added 2025/05/19 2:44 p.m.19 views

CVE-2025-48248

CVE-2025-48248 pertains to Sitewide Discount for WooCommerce: Apply Discount to All Products (WordPress plugin). The vulnerability is a Stored XSS due to improper input neutralization during web page generation, affecting versions up to 2.2.1. Public sources in Connected documents confirm the aff...

6.5CVSS5.9AI score0.00215EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/19 12:0 a.m.4 views

WordPress plugin Sitewide Discount for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS6.1AI score0.00215EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/19 12:0 a.m.4 views

PT-2025-21960 · Woocommerce · Sitewide Discount For Woocommerce

Name of the Vulnerable Software and Affected Versions: Sitewide Discount for WooCommerce: Apply Discount to All Products versions through 2.2.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for...

6.5CVSS6AI score0.00215EPSS
Exploits0References4
OSV
OSV
added 2025/05/15 5:15 p.m.3 views

CVE-2025-4708

A vulnerability classified as critical has been found in Campcodes Sales and Inventory System 1.0. Affected is an unknown function of the file /pages/salesadd.php. The manipulation of the argument discount leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

9.8CVSS5.8AI score0.00421EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/05/15 12:0 a.m.5 views

CampCodes Sales and Inventory System 注入漏洞

CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. An injection vulnerability exists in version 1.0 of the CampCodes Sales and Inventory System, which stems from SQL injection due to incorrect manipulation of the parameter discount in the file...

9.8CVSS7.8AI score0.00421EPSS
Exploits1References5
OSV
OSV
added 2025/05/07 3:16 p.m.4 views

CVE-2025-47544

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in acowebs Dynamic Pricing With Discount Rules for WooCommerce allows Blind SQL Injection. This issue affects Dynamic Pricing With Discount Rules for WooCommerce: from n/a through 4.5.8...

7.2CVSS5.8AI score0.00391EPSS
Exploits0References1
Rows per page
Query Builder