Lucene search
K

159 matches found

nvd
nvd
added 2025/04/17 4:15 p.m.24 views

CVE-2025-39453

Cross-Site Request Forgery CSRF vulnerability in algol.plus Advanced Dynamic Pricing for WooCommerce advanced-dynamic-pricing-for-woocommerce allows Cross Site Request Forgery.This issue affects Advanced Dynamic Pricing for WooCommerce: from n/a through = 4.9.3...

4.3CVSS0.00153EPSS
Exploits0References1
cve
cve
added 2025/04/17 3:15 p.m.56 views

CVE-2025-39453

CVE-2025-39453: CSRF in Advanced Dynamic Pricing for WooCommerce (algol.plus) affects versions n/a through 4.9.3. Root cause is Cross-Site Request Forgery enabling unauthorized actions when a logged-in user interacts with the vulnerable plugin. Impact is limited to integrity/availability as per s...

4.3CVSS7.2AI score0.00153EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/04/17 3:15 p.m.9 views

CVE-2025-39453 WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.9.3 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in algol.plus Advanced Dynamic Pricing for WooCommerce allows Cross Site Request Forgery. This issue affects Advanced Dynamic Pricing for WooCommerce: from n/a through 4.9.3...

4.3CVSS7AI score0.00153EPSS
Exploits0References1
cvelist
cvelist
added 2025/04/17 3:15 p.m.33 views

CVE-2025-39453 WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.9.3 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in algol.plus Advanced Dynamic Pricing for WooCommerce advanced-dynamic-pricing-for-woocommerce allows Cross Site Request Forgery.This issue affects Advanced Dynamic Pricing for WooCommerce: from n/a through = 4.9.3...

4.3CVSS0.00153EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/04/17 12:0 a.m.4 views

WordPress plugin Advanced Dynamic Pricing for WooCommerce 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists i...

4.3CVSS5.9AI score0.00153EPSS
Exploits0References1
patchstack
patchstack
added 2025/03/31 2:6 p.m.4 views

WordPress Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin <= 4.0.3 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Quantity Dynamic Pricing & Bulk Discounts for WooCommerce versions = 4.0.3...

6.5CVSS5.8AI score0.00237EPSS
Exploits0Affected Software1
cnnvd
cnnvd
added 2025/03/31 12:0 a.m.5 views

WordPress plugin Quantity Dynamic Pricing & Bulk Discounts for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPre...

6.5CVSS7.6AI score0.00237EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/02/06 2:31 a.m.10 views

CVE-2025-24632

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in algol.plus Advanced Dynamic Pricing for WooCommerce advanced-dynamic-pricing-for-woocommerce allows Reflected XSS.This issue affects Advanced Dynamic Pricing for WooCommerce: from n/a through = 4.9...

7.1CVSS5.9AI score0.00246EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/05 12:22 a.m.8 views

CVE-2024-31255

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts allows Reflected XSS.This issue affects ELEX WooCommerce Dynamic Pricing and Discounts: from n/a through 2.1.2...

7.1CVSS8.6AI score0.00334EPSS
Exploits0References1
nvd
nvd
added 2025/01/31 9:15 a.m.12 views

CVE-2025-24632

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in algol.plus Advanced Dynamic Pricing for WooCommerce advanced-dynamic-pricing-for-woocommerce allows Reflected XSS.This issue affects Advanced Dynamic Pricing for WooCommerce: from n/a through = 4.9...

7.1CVSS0.00246EPSS
Exploits0References1
cvelist
cvelist
added 2025/01/31 8:24 a.m.21 views

CVE-2025-24632 WordPress Advanced Dynamic Pricing for WooCommerce Plugin <= 4.9.0 -Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in algol.plus Advanced Dynamic Pricing for WooCommerce advanced-dynamic-pricing-for-woocommerce allows Reflected XSS.This issue affects Advanced Dynamic Pricing for WooCommerce: from n/a through = 4.9...

7.1CVSS0.00246EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/01/31 12:0 a.m.3 views

WordPress plugin Advanced Dynamic Pricing for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

7.1CVSS6.1AI score0.00246EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/01/31 12:0 a.m.4 views

PT-2025-5460 · Woocommerce · Algolplus Advanced Dynamic Pricing For Woocommerce

Name of the Vulnerable Software and Affected Versions: AlgolPlus Advanced Dynamic Pricing for WooCommerce versions through 4.9.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enabl...

7.1CVSS6.8AI score0.00246EPSS
Exploits0References4
patchstack
patchstack
added 2025/01/05 8:33 a.m.4 views

WordPress Advanced Dynamic Pricing for WooCommerce Plugin <= 4.9.0 -Reflected Cross Site Scripting (XSS) vulnerability

WordPress Advanced Dynamic Pricing for WooCommerce Plugin = 4.9.0 -Reflected Cross Site Scripting XSS vulnerability discovered by b4orvn in WordPress Plugin Advanced Dynamic Pricing for WooCommerce versions = 4.9.0...

7.1CVSS6.1AI score0.00246EPSS
Exploits0Affected Software1
cvelist
cvelist
added 2024/12/24 4:22 a.m.25 views

CVE-2024-12266 ELEX WooCommerce Dynamic Pricing and Discounts <= 2.1.7 - Missing Authorization

The ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the elexdpexportrules and elexdpimportrules functions in all versions up to, and including, 2.1.7. This makes it possible for unauthenticated...

6.5CVSS0.0034EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2024/12/24 4:22 a.m.4 views

CVE-2024-12266 ELEX WooCommerce Dynamic Pricing and Discounts <= 2.1.7 - Missing Authorization

The ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the elexdpexportrules and elexdpimportrules functions in all versions up to, and including, 2.1.7. This makes it possible for unauthenticated...

6.5CVSS6.8AI score0.0034EPSS
Exploits0References5
cnnvd
cnnvd
added 2024/12/24 12:0 a.m.3 views

WordPress plugin ELEX WooCommerce Dynamic Pricing and Discounts 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS7.6AI score0.0034EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2024/12/24 12:0 a.m.4 views

PT-2024-17519 · WordPress · Elex Woocommerce Dynamic Pricing/Discounts

Name of the Vulnerable Software and Affected Versions: ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress versions up to, and including, 2.1.7 Description: The issue arises from a missing capability check on the elex dp export rules and elex dp import rules functions, allowing...

6.5CVSS9.5AI score0.0034EPSS
Exploits0References10
patchstack
patchstack
added 2024/12/23 5:31 p.m.3 views

WordPress ELEX WooCommerce Dynamic Pricing and Discounts plugin <= 2.1.7 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by Fariq Fadillah Gusti Insani fariqfgi in WordPress Plugin ELEX WooCommerce Dynamic Pricing and Discounts versions = 2.1.7...

6.5CVSS7AI score0.0034EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2024/10/04 2:4 a.m.17 views

CVE-2024-9384 Quantity Dynamic Pricing & Bulk Discounts for WooCommerce <= 3.8.0 - Reflected Cross-Site Scripting

The Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attacker...

6.1CVSS0.00364EPSS
Exploits0References3
Rows per page
Query Builder