10 matches found
EUVD-2024-51129
Malicious code in bioql PyPI...
CVE-2024-12826
The GoHero Store Customizer for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the woohactionsettingssavefrontend function in all versions up to, and including, 3.5. This makes it possible for unauthenticated attackers to...
WordPress GoHero Store Customizer for WooCommerce plugin <= 3.5 - Missing Authorization to Unuthenticated Settings Update vulnerability
Missing Authorization to Unuthenticated Settings Update vulnerability discovered by incognito in WordPress Plugin Download Personalized WooCommerce Cart Page versions = 3.5...
CVE-2024-12826
The GoHero Store Customizer for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the woohactionsettingssavefrontend function in all versions up to, and including, 3.5. This makes it possible for unauthenticated attackers to...
CVE-2024-12826 GoHero Store Customizer for WooCommerce <= 3.5 - Missing Authorization to Unuthenticated Settings Update
The GoHero Store Customizer for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the woohactionsettingssavefrontend function in all versions up to, and including, 3.5. This makes it possible for unauthenticated attackers to...
CVE-2024-12826 GoHero Store Customizer for WooCommerce <= 3.5 - Missing Authorization to Unuthenticated Settings Update
The GoHero Store Customizer for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the woohactionsettingssavefrontend function in all versions up to, and including, 3.5. This makes it possible for unauthenticated attackers to...
CVE-2024-12826
The CVE-2024-12826 flaw affects the GoHero Store Customizer for WooCommerce (WordPress). It stems from a missing capability check in the wooh_action_settings_save_frontend() function in all versions up to and including 3.5, enabling unauthenticated attackers to modify limited plugin settings. Imp...
WordPress plugin GoHero Store Customizer for WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-1962 · WordPress · Gohero Store Customizer For Woocommerce
Name of the Vulnerable Software and Affected Versions: GoHero Store Customizer for WooCommerce plugin for WordPress versions up to, and including, 3.5 Description: The issue allows unauthorized modification of data due to a missing capability check on the wooh action settings save frontend...
WordPress GoHero Store Customizer for WooCommerce Plugin < 2.5 CSRF Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:najeebmedia:personalizedwoocommercecartpage"; if description...