CVE-2025-15635

Cross-Site Request Forgery CSRF vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Cross Site Request Forgery.This issue affects Smart Online Order for Clover: from n/a through = 1.6.0...

CVE-2024-43253 WordPress Smart Online Order for Clover plugin <= 1.5.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders.This issue affects Smart Online Order for Clover: from n/a through = 1.5.6...

CVE-2024-43254 WordPress Smart Online Order for Clover plugin <= 1.5.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders.This issue affects Smart Online Order for Clover: from n/a through = 1.5.6...

CVE-2024-31238 WordPress Smart Online Order for Clover plugin <= 1.5.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Zaytech Smart Online Order for Clover.This issue affects Smart Online Order for Clover: from n/a through 1.5.5...

Smart Online Order for Clover < 1.5.5 - Cross-Site Request Forgery

Description The Smart Online Order for Clover plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.4. This is due to missing or incorrect nonce validation on the pagecoupons function. This makes it possible for unauthenticated attackers to...

WordPress Smart Online Order for Clover Plugin <= 1.5.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software Smart Online Order for Clover Type Plugin Vulnerable versions = 1.5.5 Fixed in 1.5.6 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31238 Patch priority Low CVSS severity Low 5.4 Developer Zaytech PSID dad95ce21a7d Credits thiennv...

CVE-2024-29115 WordPress Smart Online Order for Clover plugin <= 1.5.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zaytech Smart Online Order for Clover allows Stored XSS.This issue affects Smart Online Order for Clover: from n/a through 1.5.5...

CVE-2024-29115 WordPress Smart Online Order for Clover plugin <= 1.5.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zaytech Smart Online Order for Clover allows Stored XSS.This issue affects Smart Online Order for Clover: from n/a through 1.5.5...

PT-2024-22736 · Zaytech · Zaytech Smart Online Order For Clover

Name of the Vulnerable Software and Affected Versions: Zaytech Smart Online Order for Clover versions 1.5.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an...