Lucene search
K

42 matches found

CNNVD
CNNVD
added 2026/04/22 12:0 a.m.10 views

WordPress plugin Ni WooCommerce Order Export 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.3CVSS5.7AI score0.00156EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:49 a.m.5 views

CVE-2025-23481

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anzar Ahmed Ni WooCommerce Sales Report Email ni-woocommerce-sales-report-email allows Reflected XSS.This issue affects Ni WooCommerce Sales Report Email: from n/a through = 3.1.4...

7.1CVSS5.9AI score0.00262EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-11758

Malware in sbrugna...

8.8CVSS8.6AI score0.01318EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-9457

Malicious code in bioql PyPI...

7.5CVSS8.1AI score0.00396EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-36553

Malicious code in bioql PyPI...

6.5CVSS9.1AI score0.00429EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-52115

Malicious code in bioql PyPI...

7.6CVSS8.9AI score0.00472EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-5731

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00262EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-9819

Malicious code in bioql PyPI...

6.5CVSS7.3AI score0.00367EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-52362

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00418EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/23 4:25 a.m.8 views

CVE-2025-7827 Ni WooCommerce Customer Product Report <= 1.2.4 - Missing Authorization to Authenticated (Subscriber+) Settings Update

The Ni WooCommerce Customer Product Report plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the niwoocpraction function in all versions up to, and including, 1.2.4. This makes it possible for authenticated attackers, with Subscriber-leve...

4.3CVSS0.00188EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/23 4:25 a.m.2 views

CVE-2025-7827 Ni WooCommerce Customer Product Report <= 1.2.4 - Missing Authorization to Authenticated (Subscriber+) Settings Update

The Ni WooCommerce Customer Product Report plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the niwoocpraction function in all versions up to, and including, 1.2.4. This makes it possible for authenticated attackers, with Subscriber-leve...

4.3CVSS6.7AI score0.00188EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 2:10 a.m.7 views

CVE-2023-32299

Missing Authorization vulnerability in Anzar Ahmed Ni WooCommerce Sales Report ni-woocommerce-sales-report allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ni WooCommerce Sales Report: from n/a through = 3.7.3...

6.5CVSS7.3AI score0.00429EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:4 p.m.7 views

CVE-2021-24846

The getquery function of the Ni WooCommerce Custom Order Status WordPress plugin before 1.9.7, used by the niwoocosajax AJAX action, available to all authenticated users, does not properly sanitise the sort parameter before using it in a SQL statement, leading to an SQL injection, exploitable by...

8.8CVSS7AI score0.01318EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/04/06 5:26 p.m.9 views

CVE-2025-32207

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anzar Ahmed Ni WooCommerce Cost Of Goods ni-woocommerce-cost-of-goods allows Stored XSS.This issue affects Ni WooCommerce Cost Of Goods: from n/a through = 3.2.8...

6.5CVSS7.2AI score0.00367EPSS
Exploits0References1
NVD
NVD
added 2025/04/04 4:15 p.m.5 views

CVE-2025-32207

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anzar Ahmed Ni WooCommerce Cost Of Goods ni-woocommerce-cost-of-goods allows Stored XSS.This issue affects Ni WooCommerce Cost Of Goods: from n/a through = 3.2.8...

6.5CVSS0.00367EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/04 3:59 p.m.13 views

CVE-2025-32207 WordPress Ni WooCommerce Cost Of Goods plugin <= 3.2.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anzar Ahmed Ni WooCommerce Cost Of Goods ni-woocommerce-cost-of-goods allows Stored XSS.This issue affects Ni WooCommerce Cost Of Goods: from n/a through = 3.2.8...

6.5CVSS0.00367EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/03 9:33 p.m.6 views

CVE-2025-31580

Missing Authorization vulnerability in Anzar Ahmed Ni WooCommerce Product Enquiry ni-woocommerce-product-enquiry allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Ni WooCommerce Product Enquiry: from n/a through = 4.1.8...

7.5CVSS7.2AI score0.00396EPSS
Exploits0References1
NVD
NVD
added 2025/04/01 9:15 p.m.13 views

CVE-2025-31580

Missing Authorization vulnerability in Anzar Ahmed Ni WooCommerce Product Enquiry ni-woocommerce-product-enquiry allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Ni WooCommerce Product Enquiry: from n/a through = 4.1.8...

7.5CVSS0.00396EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/01 2:51 p.m.15 views

CVE-2025-31826 WordPress Ni WooCommerce Cost Of Goods plugin <= 3.2.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Anzar Ahmed Ni WooCommerce Cost Of Goods ni-woocommerce-cost-of-goods allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ni WooCommerce Cost Of Goods: from n/a through = 3.2.8...

5.4CVSS0.00424EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.4 views

PT-2025-14206 · Unknown · Ni Woocommerce Cost Of Goods

Name of the Vulnerable Software and Affected Versions: Ni WooCommerce Cost Of Goods versions 3.2.8 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For Ni...

5.4CVSS6.2AI score0.00424EPSS
Exploits0References3
Rows per page
Query Builder