105 matches found
WordPress plugin PeproDev WooCommerce Receipt Uploader 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-5415 · Peprodev · Peprodev Woocommerce Receipt Uploader
Name of the Vulnerable Software and Affected Versions: PeproDev WooCommerce Receipt Uploader versions prior to 2.6.9 Description: The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting XSS. This means an attacker can inject...
WordPress PeproDev WooCommerce Receipt Uploader plugin <= 2.6.9 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Mika in WordPress Plugin PeproDev WooCommerce Receipt Uploader versions = 2.6.9...
CVE-2024-8873
The PeproDev WooCommerce Receipt Uploader plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.6.9. This makes it possible for unauthenticated attackers to inject arbitrar...
CVE-2024-8873
CVE-2024-8873 : PeproDev WooCommerce Receipt Uploader for WordPress is vulnerable to Reflected Cross-Site Scripting due to improper escaping of URLs when using add_query_arg, affecting all versions up to and including 2.6.9. Exploitation requires user interaction (e.g., tricking a user into click...
CVE-2024-8873 PeproDev WooCommerce Receipt Uploader <= 2.6.9 - Reflected Cross-Site Scripting
The PeproDev WooCommerce Receipt Uploader plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.6.9. This makes it possible for unauthenticated attackers to inject arbitrar...
CVE-2024-8873 PeproDev WooCommerce Receipt Uploader <= 2.6.9 - Reflected Cross-Site Scripting
The PeproDev WooCommerce Receipt Uploader plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.6.9. This makes it possible for unauthenticated attackers to inject arbitrar...
WordPress plugin PeproDev WooCommerce Receipt Uploader 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2024-49298
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice pepro-ultimate-invoice allows Stored XSS.This issue affects PeproDev Ultimate Invoice: from n/a through = 2.0.6...
CVE-2024-49298 WordPress PeproDev Ultimate Invoice plugin <= 2.0.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice pepro-ultimate-invoice allows Stored XSS.This issue affects PeproDev Ultimate Invoice: from n/a through = 2.0.6...
CVE-2024-49298 WordPress PeproDev Ultimate Invoice plugin <= 2.0.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice allows Stored XSS.This issue affects PeproDev Ultimate Invoice: from n/a through 2.0.6...
WordPress plugin PeproDev Ultimate Invoice 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress PeproDev Ultimate Invoice plugin <= 2.0.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin PeproDev Ultimate Invoice versions = 2.0.6...
WordPress PeproDev Ultimate Invoice Plugin <= 2.0.6 is vulnerable to Cross Site Scripting (XSS)
Software PeproDev Ultimate Invoice Type Plugin Vulnerable versions = 2.0.6 Fixed in 2.0.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49298 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ec8d635fcc13 Credits LVT-tholv2k Required privile...
PT-2024-39291 · WordPress · Peprodev Woocommerce Receipt Uploader
Name of the Vulnerable Software and Affected Versions: PeproDev WooCommerce Receipt Uploader plugin for WordPress versions up to, and including, 2.6.9 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg without appropriate escaping on the URL. This...
CVE-2023-41864
Cross-Site Request Forgery CSRF vulnerability in Pepro Dev. Group PeproDev CF7 Database.This issue affects PeproDev CF7 Database: from n/a through 1.8.0...
CVE-2023-41864
Technical details for CVE-2023-41864 are not provided in the supplied documents; no affected products/versions or mitigations are specified here—monitor for updates.
CVE-2023-41864 WordPress PeproDev CF7 Database plugin <= 1.8.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Pepro Dev. Group PeproDev CF7 Database.This issue affects PeproDev CF7 Database: from n/a through 1.8.0...
CVE-2023-41864 WordPress PeproDev CF7 Database plugin <= 1.8.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Pepro Dev. Group PeproDev CF7 Database.This issue affects PeproDev CF7 Database: from n/a through 1.8.0...
WordPress Plugin PeproDev CF7 Database 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin PeproDev CF7 Database...