342 matches found
MAL-2025-18490 Malicious code in discount-app-components (npm)
The package discount-app-components was found to contain malicious code...
MAL-2025-21725 Malicious code in google-play-code-discount006 (npm)
The package google-play-code-discount006 was found to contain malicious code...
WordPress Dynamic Pricing With Discount Rules for WooCommerce plugin <= 4.5.9 - Arbitrary Code Execution vulnerability
Arbitrary Code Execution vulnerability discovered by tratt Patchstack Alliance in WordPress Plugin Dynamic Pricing With Discount Rules for WooCommerce versions = 4.5.9...
CVE-2025-49077
Cross-Site Request Forgery CSRF vulnerability in ThemeHigh Dynamic Pricing and Discount Rules discount-and-dynamic-pricing allows Cross Site Request Forgery.This issue affects Dynamic Pricing and Discount Rules: from n/a through = 2.2.9...
CVE-2025-49077
Cross-Site Request Forgery CSRF vulnerability in ThemeHigh Dynamic Pricing and Discount Rules discount-and-dynamic-pricing allows Cross Site Request Forgery.This issue affects Dynamic Pricing and Discount Rules: from n/a through = 2.2.9...
CVE-2025-49077
CVE-2025-49077: CSRF vulnerability in WordPress plugin Dynamic Pricing and Discount Rules (versions
WordPress plugin Dynamic Pricing and Discount Rules 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in...
WordPress Dynamic Pricing and Discount Rules plugin <= 2.2.9 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by luckybuddy Patchstack Alliance in WordPress Plugin Dynamic Pricing and Discount Rules versions = 2.2.9...
CVE-2024-32722
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Coupon & Discount Code Reveal Button allows Stored XSS.This issue affects Coupon & Discount Code Reveal Button: from n/a through 1.2.5...
CVE-2024-0617
The Category Discount Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpcdsavediscount function in all versions up to, and including, 4.12. This makes it possible for unauthenticated attackers to modify product category...
CVE-2022-2090
The Discount Rules for WooCommerce WordPress plugin before 2.4.2 does not escape a parameter before outputting it back in an attribute of the plugin's discount rule page, leading to Reflected Cross-Site Scripting...
CVE-2022-47130
A Cross-Site Request Forgery CSRF in Academy LMS before v5.10 allows a discount coupon to be arbitrarily created if an attacker with administrative privileges interacts on the CSRF page...
CVE-2025-48248 WordPress Sitewide Discount for WooCommerce: Apply Discount to All Products plugin <= 2.2.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Sitewide Discount for WooCommerce: Apply Discount to All Products global-shop-discount-for-woocommerce allows Stored XSS.This issue affects Sitewide Discount for WooCommerce: Apply Discou...
CVE-2025-48248 WordPress Sitewide Discount for WooCommerce: Apply Discount to All Products plugin <= 2.2.1 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Sitewide Discount for WooCommerce: Apply Discount to All Products global-shop-discount-for-woocommerce allows Stored XSS.This issue affects Sitewide Discount for WooCommerce: Apply Discou...
CVE-2025-48248
CVE-2025-48248 pertains to Sitewide Discount for WooCommerce: Apply Discount to All Products (WordPress plugin). The vulnerability is a Stored XSS due to improper input neutralization during web page generation, affecting versions up to 2.2.1. Public sources in Connected documents confirm the aff...
WordPress plugin Sitewide Discount for WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2025-21960 · Woocommerce · Sitewide Discount For Woocommerce
Name of the Vulnerable Software and Affected Versions: Sitewide Discount for WooCommerce: Apply Discount to All Products versions through 2.2.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for...
CVE-2025-4708
A vulnerability classified as critical has been found in Campcodes Sales and Inventory System 1.0. Affected is an unknown function of the file /pages/salesadd.php. The manipulation of the argument discount leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CampCodes Sales and Inventory System 注入漏洞
CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. An injection vulnerability exists in version 1.0 of the CampCodes Sales and Inventory System, which stems from SQL injection due to incorrect manipulation of the parameter discount in the file...
CVE-2025-47544
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in acowebs Dynamic Pricing With Discount Rules for WooCommerce allows Blind SQL Injection. This issue affects Dynamic Pricing With Discount Rules for WooCommerce: from n/a through 4.5.8...