48 matches found
EUVD-2025-202008
Missing Authorization vulnerability in multiparcels MultiParcels Shipping For WooCommerce multiparcels-shipping-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MultiParcels Shipping For WooCommerce: from n/a through = 1.30.12...
CVE-2025-62995 WordPress MultiParcels Shipping For WooCommerce plugin <= 1.30.12 - Broken Access Control vulnerability
Missing Authorization vulnerability in multiparcels MultiParcels Shipping For WooCommerce multiparcels-shipping-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MultiParcels Shipping For WooCommerce: from n/a through = 1.30.12...
CVE-2025-62995
CVE-2025-62995 concerns a Missing Authorization vulnerability in the WordPress plugin “MultiParcels Shipping For WooCommerce” (versions up to and including 1.30.12). The issue stems from broken access control that could allow unauthorized access to sensitive functionality or data. The CVE is supp...
PT-2025-50021
Missing Authorization vulnerability in multiparcels MultiParcels Shipping For WooCommerce multiparcels-shipping-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MultiParcels Shipping For WooCommerce: from n/a through = 1.30.12...
WordPress plugin MultiParcels Shipping For WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
WordPress MultiParcels Shipping For WooCommerce plugin <= 1.30.12 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin MultiParcels Shipping For WooCommerce versions = 1.30.12...
EUVD-2024-29917
Malicious code in bioql PyPI...
EUVD-2023-44580
Malicious code in bioql PyPI...
EUVD-2023-44314
Malicious code in bioql PyPI...
CVE-2024-32095
Cross-Site Request Forgery CSRF vulnerability in MultiParcels MultiParcels Shipping For WooCommerce.This issue affects MultiParcels Shipping For WooCommerce: from n/a before 1.16.9...
CVE-2023-3954
The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-3366
The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.2 does not have CRSF check when deleting a shipment, allowing attackers to make any logged in user, delete arbitrary shipment via a CSRF attack...
CVE-2023-2843
The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14.15 does not properly sanitize and escape a parameter before using it in an SQL statement, which could allow any authenticated users, such as subscribers, to perform SQL Injection attacks...
CVE-2023-3671
The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.4 does not sanitise and escape various parameters before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-32095
Cross-Site Request Forgery CSRF vulnerability in MultiParcels MultiParcels Shipping For WooCommerce.This issue affects MultiParcels Shipping For WooCommerce: from n/a before 1.16.9...
CVE-2024-32095 WordPress MultiParcels Shipping For WooCommerce plugin < 1.16.9 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in MultiParcels MultiParcels Shipping For WooCommerce.This issue affects MultiParcels Shipping For WooCommerce: from n/a before 1.16.9...
CVE-2024-32095 WordPress MultiParcels Shipping For WooCommerce plugin < 1.16.9 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in MultiParcels MultiParcels Shipping For WooCommerce.This issue affects MultiParcels Shipping For WooCommerce: from n/a before 1.16.9...
CVE-2024-32095
CVE-2024-32095 is a CSRF vulnerability in MultiParcels Shipping For WooCommerce. Affected: MultiParcels Shipping For WooCommerce before version 1.16.9 (no fixed version stated in the initial doc). Reported CVSS v3.1 base score 4.3 (Medium) with network attack vector, requiring user interaction an...
WordPress Plugin MultiParcels Shipping For WooCommerce 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin MultiParcels Shipping For...
WordPress MultiParcels Shipping For WooCommerce plugin < 1.16.9 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin MultiParcels Shipping For WooCommerce versions 1.16.9...