Lucene search
+L

32 matches found

NVD
NVD
added 4 days ago3 views

CVE-2026-57415

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codemenschen Gift Vouchers gift-voucher allows Stored XSS.This issue affects Gift Vouchers: from n/a through = 4.7.0...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
added 4 days ago3 views

CVE-2026-57412

Missing Authorization vulnerability in Codemenschen Gift Vouchers gift-voucher allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gift Vouchers: from n/a through = 4.6.9...

6.5CVSS0.00242EPSS
Exploits0References1
CVE
CVE
added 4 days ago7 views

CVE-2026-57415

The CVE-2026-57415 issue affects the WordPress Gift Vouchers plugin (versions

7.1CVSS6.1AI score0.0018EPSS
Exploits0References1
CVE
CVE
added 4 days ago7 views

CVE-2026-57412

The CVE-2026-57412 entry concerns the WordPress Gift Vouchers plugin (versions up to 4.6.9). The vulnerability is described as a Missing Authorization issue caused by Incorrectly Configured Access Control Security Levels, i.e., a Broken Access Control vulnerability. Affected component: gift-vouch...

6.5CVSS6.1AI score0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-57412 WordPress Gift Vouchers plugin <= 4.6.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in Codemenschen Gift Vouchers gift-voucher allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gift Vouchers: from n/a through = 4.6.9...

6.5CVSS0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago28 views

CVE-2026-57415 WordPress Gift Vouchers plugin <= 4.7.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codemenschen Gift Vouchers gift-voucher allows Stored XSS.This issue affects Gift Vouchers: from n/a through = 4.7.0...

7.1CVSS0.0018EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/07/08 1:1 p.m.5 views

WordPress Gift Vouchers plugin <= 4.7.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by xwii in WordPress Plugin Gift Vouchers versions = 4.7.0...

7.1CVSS6.1AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/07/08 12:52 p.m.5 views

WordPress Gift Vouchers plugin <= 4.6.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by dodoh4t in WordPress Plugin Gift Vouchers versions = 4.6.9...

6.5CVSS6.1AI score0.00242EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-30254

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:11 a.m.10 views

CVE-2024-32436

Cross-Site Request Forgery CSRF vulnerability in Codemenschen Gift Vouchers.This issue affects Gift Vouchers: from n/a through 4.4.0...

4.3CVSS5.1AI score0.00212EPSS
Exploits0References1
NVD
NVD
added 2025/02/20 10:15 a.m.27 views

CVE-2024-13520

The Gift Cards Gift Vouchers and Packages WooCommerce Supported plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'updatevoucherprice', 'updatevoucherdate', 'updatevouchernote' functions in all versions up to, and...

5.3CVSS0.00289EPSS
Exploits0References2
OSV
OSV
added 2025/02/20 10:15 a.m.3 views

CVE-2024-13520

The Gift Cards Gift Vouchers and Packages WooCommerce Supported plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'updatevoucherprice', 'updatevoucherdate', 'updatevouchernote' functions in all versions up to, and...

5.3CVSS5.8AI score0.00289EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/02/19 11:29 p.m.5 views

WordPress Gift Cards plugin <= 4.4.9 - Missing Authorization to Unauthenticated Price, Date, and Note Updates vulnerability

Missing Authorization to Unauthenticated Price, Date, and Note Updates vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin Gift Vouchers versions = 4.4.9...

5.3CVSS7AI score0.00289EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/30 12:0 a.m.19 views

WordPress Gift Vouchers Plugin <= 4.4.4 is vulnerable to Cross Site Scripting (XSS)

Software Gift Vouchers Type Plugin Vulnerable versions = 4.4.4 Fixed in 4.4.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9165 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 05e5caabd7d5 Credits Francesco Carlucci Require...

6.4CVSS8.5AI score0.00333EPSS
Exploits0References3Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/17 12:0 a.m.12 views

Gift Vouchers < 4.4.1 - Cross-Site Request Forgery

Description The Gift Vouchers plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.4.0. This is due to missing or incorrect nonce validation on the createdefaultpages function. This makes it possible for unauthenticated attackers to trigger the...

4.3CVSS6.4AI score0.00212EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/04/15 9:15 a.m.24 views

CVE-2024-32436

Cross-Site Request Forgery CSRF vulnerability in Codemenschen Gift Vouchers.This issue affects Gift Vouchers: from n/a through 4.4.0...

4.3CVSS4.6AI score0.00212EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/15 8:8 a.m.17 views

CVE-2024-32436 WordPress Gift Cards plugin <= 4.4.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Codemenschen Gift Vouchers.This issue affects Gift Vouchers: from n/a through 4.4.0...

4.3CVSS7AI score0.00212EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 8:8 a.m.65 views

CVE-2024-32436

CVE-2024-32436 : CSRF vulnerability in Gift Cards / Gift Vouchers (WordPress plugin) affecting versions up to 4.4.0. Exploitation is not indicated in the entries; CVSS v3.1 base score 4.3 (Medium). Root cause and specific vectors are not detailed in the provided documents. Remediation referenced:...

4.3CVSS5.1AI score0.00212EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/15 8:8 a.m.30 views

CVE-2024-32436 WordPress Gift Cards plugin <= 4.4.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Codemenschen Gift Vouchers.This issue affects Gift Vouchers: from n/a through 4.4.0...

4.3CVSS4.9AI score0.00212EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.7 views

PT-2024-24566 · Unknown · Codemenschen Gift Vouchers

Name of the Vulnerable Software and Affected Versions: Codemenschen Gift Vouchers versions through 4.4.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application...

4.3CVSS6.8AI score0.00212EPSS
Exploits0References4
Rows per page
Query Builder