34 matches found
CVE-2026-57340
CVE-2026-57340 describes an Unauthenticated Broken Access Control vulnerability in the WordPress plugin Japanized For WooCommerce versions up to 2.9.12 . The metric indicates a CVSS v3.1 base score of 6.5 (Medium) with attack vector Network , attack complexity Low , privileges required None , use...
CVE-2026-57340
Unauthenticated Broken Access Control in Japanized For WooCommerce = 2.9.12 versions...
CVE-2026-1305
The Japanized for WooCommerce plugin for WordPress is vulnerable to Improper Authentication in versions up to, and including, 2.8.4. This is due to a flawed permission check in the paidywebhookpermissioncheck function that unconditionally returns true when the webhook signature header is omitted...
PT-2026-22329
The Japanized for WooCommerce plugin for WordPress is vulnerable to Improper Authentication in versions up to, and including, 2.8.4. This is due to a flawed permission check in the paidy webhook permission check function that unconditionally returns true when the webhook signature header is...
CVE-2025-14886
The Japanized for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the order REST API endpoint in all versions up to, and including, 2.7.17. This makes it possible for unauthenticated attackers to mark any WooCommerce order a...
CVE-2025-14886 Japanized for WooCommerce <= 2.7.17 - Missing Authorization to Unauthenticated Order Status Modification
The Japanized for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the order REST API endpoint in all versions up to, and including, 2.7.17. This makes it possible for unauthenticated attackers to mark any WooCommerce order a...
CVE-2025-14886
CVE-2025-14886 concerns Japanized for WooCommerce for WordPress. It is a data modification vulnerability due to missing capability check on the order REST API endpoint, affecting all versions up to and including 2.7.17. Unauthenticated attackers could mark any WooCommerce order as processed/compl...
WordPress plugin Japanized for WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
EUVD-2023-51796
Malicious code in bioql PyPI...
CVE-2023-0942
The Japanized For WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in versions up to, and including, 2.5.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
CVE-2023-47698
Missing Authorization vulnerability in shohei.tanaka Japanized For WooCommerce woocommerce-for-japan allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Japanized For WooCommerce: from n/a through = 2.6.4...
CVE-2025-48284
Cross-Site Request Forgery CSRF vulnerability in shohei.tanaka Japanized For WooCommerce woocommerce-for-japan allows Cross Site Request Forgery.This issue affects Japanized For WooCommerce: from n/a through = 2.6.40...
WordPress Japanized For WooCommerce plugin <= 2.6.40 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by luckybuddy in WordPress Plugin Japanized For WooCommerce versions = 2.6.40...
CVE-2025-48284
Cross-Site Request Forgery CSRF vulnerability in shohei.tanaka Japanized For WooCommerce woocommerce-for-japan allows Cross Site Request Forgery.This issue affects Japanized For WooCommerce: from n/a through = 2.6.40...
CVE-2025-48284 WordPress Japanized For WooCommerce <= 2.6.40 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in shohei.tanaka Japanized For WooCommerce allows Cross Site Request Forgery. This issue affects Japanized For WooCommerce: from n/a through 2.6.40...
CVE-2025-48284
In CVE-2025-48284, the WordPress plugin Japanized For WooCommerce (
CVE-2025-48284 WordPress Japanized For WooCommerce plugin <= 2.6.40 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in shohei.tanaka Japanized For WooCommerce woocommerce-for-japan allows Cross Site Request Forgery.This issue affects Japanized For WooCommerce: from n/a through = 2.6.40...
PT-2025-21987 · Woocommerce · Japanized For Woocommerce
Name of the Vulnerable Software and Affected Versions: Japanized For WooCommerce versions 2.6.40 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software, allowing unauthorized actions to be performed on behalf of a user. This issue can be exploited by tricking a user...
CVE-2023-47698
Missing Authorization vulnerability in shohei.tanaka Japanized For WooCommerce woocommerce-for-japan allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Japanized For WooCommerce: from n/a through = 2.6.4...
Cross site scripting
The Japanized For WooCommerce WordPress plugin before 2.5.8 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting...