Lucene search
K

159 matches found

Patchstack
Patchstack
added 2024/10/04 1:21 a.m.4 views

WordPress Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin <= 3.8.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin Quantity Dynamic Pricing & Bulk Discounts for WooCommerce versions = 3.8.0...

6.1CVSS6.3AI score0.00364EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/10/04 12:0 a.m.4 views

WordPress plugin Quantity Dynamic Pricing & Bulk Discounts for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

6.1CVSS6.1AI score0.00364EPSS
Exploits0References4
WPVulnDB
WPVulnDB
added 2024/04/16 12:0 a.m.12 views

ELEX WooCommerce Dynamic Pricing and Discounts < 2.1.3 - Cross-Site Request Forgery

Description The ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.2. This is due to missing or incorrect nonce validation on various function. This makes it possible for unauthenticated attackers t...

4.3CVSS6.5AI score0.002EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/04/12 1:15 p.m.7 views

CVE-2024-31364

Cross-Site Request Forgery CSRF vulnerability in ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts.This issue affects ELEX WooCommerce Dynamic Pricing and Discounts: from n/a through 2.1.2...

4.3CVSS4.6AI score0.002EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/12 12:19 p.m.17 views

CVE-2024-31364 WordPress ELEX WooCommerce Dynamic Pricing and Discounts plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts.This issue affects ELEX WooCommerce Dynamic Pricing and Discounts: from n/a through 2.1.2...

4.3CVSS4.9AI score0.002EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/12 12:19 p.m.5 views

CVE-2024-31364 WordPress ELEX WooCommerce Dynamic Pricing and Discounts plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts.This issue affects ELEX WooCommerce Dynamic Pricing and Discounts: from n/a through 2.1.2...

4.3CVSS5.2AI score0.002EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/12 12:0 a.m.3 views

PT-2024-24009 · Elex · Elex Woocommerce Dynamic Pricing/Discounts

Name of the Vulnerable Software and Affected Versions: ELEX WooCommerce Dynamic Pricing and Discounts versions 2.1.2 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software, which could potentially allow unauthorized actions to be performed on behalf of a user...

4.3CVSS6.9AI score0.002EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/04/12 12:0 a.m.5 views

WordPress Plugin ELEX WooCommerce Dynamic Pricing and Discounts 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. WordPress Plugin ELEX WooCommerce...

4.3CVSS6.6AI score0.002EPSS
Exploits0References2
NVD
NVD
added 2024/04/11 2:15 p.m.9 views

CVE-2024-32105

Cross-Site Request Forgery CSRF vulnerability in ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts.This issue affects ELEX WooCommerce Dynamic Pricing and Discounts: from n/a through 2.1.2...

4.3CVSS4.6AI score0.00205EPSS
Exploits0References1
CVE
CVE
added 2024/04/11 1:16 p.m.39 views

CVE-2024-32105

CVE-2024-32105 is a CSRF vulnerability in ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts, affecting versions from n/a up to 2.1.2. The issue has been observed in public disclosures and Red Hat/Wordfence references; mitigations require upgrading to a patched version where available. T...

4.3CVSS5.2AI score0.00205EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/11 1:16 p.m.18 views

CVE-2024-32105 WordPress ELEX WooCommerce Dynamic Pricing and Discounts plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts.This issue affects ELEX WooCommerce Dynamic Pricing and Discounts: from n/a through 2.1.2...

4.3CVSS4.9AI score0.00205EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/04/11 11:28 a.m.4 views

WordPress ELEX WooCommerce Dynamic Pricing and Discounts plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin ELEX WooCommerce Dynamic Pricing and Discounts versions = 2.1.2...

4.3CVSS7AI score0.00205EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/11 12:0 a.m.7 views

PT-2024-24411 · Elex · Elex Woocommerce Dynamic Pricing/Discounts

Name of the Vulnerable Software and Affected Versions: ELEX WooCommerce Dynamic Pricing and Discounts versions n/a through 2.1.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. It affects the ELEX WooCommerce Dynamic Pricing and Discounts plugin. Recommendations: For...

4.3CVSS6.9AI score0.00205EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/04/11 12:0 a.m.2 views

WordPress Plugin ELEX WooCommerce Dynamic Pricing and Discounts 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

4.3CVSS6.5AI score0.00205EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2024/04/11 12:0 a.m.13 views

ELEX WooCommerce Dynamic Pricing and Discounts < 2.1.3 - Reflected Cross-Site Scripting

Description The ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via an unknown parameter in all versions up to, and including, 2.1.2 due to insufficient input sanitization and output escaping. This makes it possible for...

7.1CVSS6.3AI score0.00334EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/04/08 3:22 p.m.3 views

WordPress ELEX WooCommerce Dynamic Pricing and Discounts plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin ELEX WooCommerce Dynamic Pricing and Discounts versions = 2.1.2...

4.3CVSS7AI score0.002EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/08 12:0 a.m.8 views

WordPress ELEX WooCommerce Dynamic Pricing and Discounts Plugin <= 2.1.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software ELEX WooCommerce Dynamic Pricing and Discounts Type Plugin Vulnerable versions = 2.1.2 Fixed in 2.1.3 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31364 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...

4.3CVSS6.6AI score0.002EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/04/07 6:15 p.m.23 views

CVE-2024-31255

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts allows Reflected XSS.This issue affects ELEX WooCommerce Dynamic Pricing and Discounts: from n/a through 2.1.2...

7.1CVSS7AI score0.00334EPSS
Exploits0References1
CVE
CVE
added 2024/04/07 5:51 p.m.49 views

CVE-2024-31255

CVE-2024-31255 affects the ELEX WooCommerce Dynamic Pricing and Discounts WordPress plugin. The connected data confirms a Reflected XSS due to Improper Neutralization of Input During Web Page Generation, impacting versions up to 2.1.2 (n/a–2.1.2). The CVE entry provides a CVSS score of 7.1 (HIGH,...

7.1CVSS8.6AI score0.00334EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/07 12:0 a.m.4 views

WordPress Plugin ELEX WooCommerce Dynamic Pricing and Discounts 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin ELEX WooCommerce Dynamic...

7.1CVSS7.8AI score0.00334EPSS
Exploits0References2
Rows per page
Query Builder