32 matches found
CVE-2026-57415
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codemenschen Gift Vouchers gift-voucher allows Stored XSS.This issue affects Gift Vouchers: from n/a through = 4.7.0...
CVE-2026-57412
Missing Authorization vulnerability in Codemenschen Gift Vouchers gift-voucher allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gift Vouchers: from n/a through = 4.6.9...
CVE-2026-57415
The CVE-2026-57415 issue affects the WordPress Gift Vouchers plugin (versions
CVE-2026-57412
The CVE-2026-57412 entry concerns the WordPress Gift Vouchers plugin (versions up to 4.6.9). The vulnerability is described as a Missing Authorization issue caused by Incorrectly Configured Access Control Security Levels, i.e., a Broken Access Control vulnerability. Affected component: gift-vouch...
CVE-2026-57412 WordPress Gift Vouchers plugin <= 4.6.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in Codemenschen Gift Vouchers gift-voucher allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gift Vouchers: from n/a through = 4.6.9...
CVE-2026-57415 WordPress Gift Vouchers plugin <= 4.7.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codemenschen Gift Vouchers gift-voucher allows Stored XSS.This issue affects Gift Vouchers: from n/a through = 4.7.0...
WordPress Gift Vouchers plugin <= 4.7.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by xwii in WordPress Plugin Gift Vouchers versions = 4.7.0...
WordPress Gift Vouchers plugin <= 4.6.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by dodoh4t in WordPress Plugin Gift Vouchers versions = 4.6.9...
EUVD-2024-30254
Malicious code in bioql PyPI...
CVE-2024-32436
Cross-Site Request Forgery CSRF vulnerability in Codemenschen Gift Vouchers.This issue affects Gift Vouchers: from n/a through 4.4.0...
CVE-2024-13520
The Gift Cards Gift Vouchers and Packages WooCommerce Supported plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'updatevoucherprice', 'updatevoucherdate', 'updatevouchernote' functions in all versions up to, and...
CVE-2024-13520
The Gift Cards Gift Vouchers and Packages WooCommerce Supported plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'updatevoucherprice', 'updatevoucherdate', 'updatevouchernote' functions in all versions up to, and...
WordPress Gift Cards plugin <= 4.4.9 - Missing Authorization to Unauthenticated Price, Date, and Note Updates vulnerability
Missing Authorization to Unauthenticated Price, Date, and Note Updates vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin Gift Vouchers versions = 4.4.9...
WordPress Gift Vouchers Plugin <= 4.4.4 is vulnerable to Cross Site Scripting (XSS)
Software Gift Vouchers Type Plugin Vulnerable versions = 4.4.4 Fixed in 4.4.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9165 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 05e5caabd7d5 Credits Francesco Carlucci Require...
Gift Vouchers < 4.4.1 - Cross-Site Request Forgery
Description The Gift Vouchers plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.4.0. This is due to missing or incorrect nonce validation on the createdefaultpages function. This makes it possible for unauthenticated attackers to trigger the...
CVE-2024-32436
Cross-Site Request Forgery CSRF vulnerability in Codemenschen Gift Vouchers.This issue affects Gift Vouchers: from n/a through 4.4.0...
CVE-2024-32436 WordPress Gift Cards plugin <= 4.4.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Codemenschen Gift Vouchers.This issue affects Gift Vouchers: from n/a through 4.4.0...
CVE-2024-32436
CVE-2024-32436 : CSRF vulnerability in Gift Cards / Gift Vouchers (WordPress plugin) affecting versions up to 4.4.0. Exploitation is not indicated in the entries; CVSS v3.1 base score 4.3 (Medium). Root cause and specific vectors are not detailed in the provided documents. Remediation referenced:...
CVE-2024-32436 WordPress Gift Cards plugin <= 4.4.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Codemenschen Gift Vouchers.This issue affects Gift Vouchers: from n/a through 4.4.0...
PT-2024-24566 · Unknown · Codemenschen Gift Vouchers
Name of the Vulnerable Software and Affected Versions: Codemenschen Gift Vouchers versions through 4.4.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application...