CVE-2024-1857

The Ultimate Gift Cards for WooCommerce – Create, Redeem & Manage Digital Gift Certificates with Personalized Templates plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.6 via the wpswgmpreviewemailtemplate. This makes it possible for...

CVE-2023-28662

The Gift Cards Gift Vouchers and Packages WordPress Plugin, version = 4.3.1, is affected by an unauthenticated SQL injection vulnerability in the template parameter in the wpgvdoajaxvoucherpdfsavefunc action...

CVE-2021-4391

The Ultimate Gift Cards for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.1. This is due to missing or incorrect nonce validation on the mwbwgmsavepost function. This makes it possible for unauthenticated attackers to modify...

CVE-2024-13520

The Gift Cards Gift Vouchers and Packages WooCommerce Supported plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'updatevoucherprice', 'updatevoucherdate', 'updatevouchernote' functions in all versions up to, and...

CVE-2024-13520

CVE-2024-13520 — The Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) WordPress plugin is vulnerable due to a missing capability check in update_voucher_price, update_voucher_date, and update_voucher_note, affecting all versions up to 4.4.6. This allows unauthenticated attackers to...

CVE-2024-13520 Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) <= 4.4.9 - Missing Authorization to Unauthenticated Price, Date, and Note Updates

The Gift Cards Gift Vouchers and Packages WooCommerce Supported plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'updatevoucherprice', 'updatevoucherdate', 'updatevouchernote' functions in all versions up to, and...

WordPress plugin Gift Cards 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Ultimate Gift Cards for WooCommerce plugin <= 3.0.6 - Missing Authorization to Infinite Money Glitch vulnerability

Missing Authorization to Infinite Money Glitch vulnerability discovered by Ross Harper in WordPress Plugin Ultimate Gift Cards For WooCommerce versions = 3.0.6...

WordPress plugin Ultimate Gift Cards for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-9165

CVE-2024-9165 : Gift Cards (WooCommerce Supported) WordPress plugin contains a stored XSS via SVG file uploads in all versions

WordPress plugin Gift Cards 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-39465 · WordPress · The Gift Cards

Name of the Vulnerable Software and Affected Versions: The Gift Cards Gift Vouchers and Packages plugin for WordPress versions up to, and including, 4.4.4 Description: The issue is related to Stored Cross-Site Scripting via SVG File uploads due to insufficient input sanitization and output...

WordPress Plugin Gift Cards 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on servers running PHP and MySQL.WordPress plugin is an...

WordPress Plugin YITH WooCommerce Gift Cards 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A security vulnerability exists in WordPress Plugin...

CVE-2023-5703

The Gift Up Gift Cards for WordPress and WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'giftup' shortcode in all versions up to, and including, 2.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This make...

CVE-2023-28662

The Gift Cards Gift Vouchers and Packages WordPress Plugin, version = 4.3.1, is affected by an unauthenticated SQL injection vulnerability in the template parameter in the wpgvdoajaxvoucherpdfsavefunc action...

VulnCheck KEV: CVE-2022-45359

Unauth. Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards premium plugin = 3.19.0 on WordPress...

CVE-2022-45359

Unauth. Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards premium plugin = 3.19.0 on WordPress...

CVE-2020-35627

Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vulnerability in the Custom GiftCard Template that can remotely execute arbitrary code. Once it contains the function "Custom Gift Card Template", the function of uploading a custom image is used, changing the name of the image...