58 matches found
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping plugin = 1.6.4.4 versions...
CVE-2023-34015 WordPress Advanced Flat rate shipping Woocommerce Plugin <= 1.6.4.4 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping plugin = 1.6.4.4 versions...
CVE-2023-34015
CVE-2023-34015 concerns the WordPress plugin “Advanced Flat rate shipping Woocommerce” (part of the PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce) with a Cross-Site Request Forgery (CSRF) vulnerability. Technical details available in c...
Advanced Flat rate shipping Woocommerce < 1.6.4.6 - Cross-Site Request Forgery
Cross-Site Request Forgery CSRF vulnerability in PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping plugin = 1.6.4.4 versions...
PT-2023-24633 · Woocommerce · Pi Websolution Conditional Shipping & Advanced Flat Rate Shipping Rates / Flexible Shipping
Name of the Vulnerable Software and Affected Versions: PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping plugin versions = 1.6.4.4 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an...
CVE-2023-29423
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PI Websolution Cancel order request / Return order / Repeat Order / Reorder for WooCommerce plugin = 1.3.2 versions...
CVE-2023-29423
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PI Websolution Cancel order request / Return order / Repeat Order / Reorder for WooCommerce plugin = 1.3.2 versions...
CVE-2023-29423
CVE-2023-29423 corresponds to the WordPress Cancel order request WooCommerce plugin vulnerability. Public sources confirm an Auth. (admin+) Stored Cross-Site Scripting (XSS) flaw affecting the plugin’s Cancel order request / Return order / Repeat Order / Reorder endpoints in versions
CVE-2023-29423 WordPress Cancel order request WooCommerce Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PI Websolution Cancel order request / Return order / Repeat Order / Reorder for WooCommerce plugin = 1.3.2 versions...
CVE-2023-29093
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PI Websolution Conditional cart fee plugin = 1.0.96 versions...
CVE-2023-28991
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PI Websolution Order date, Order pickup, Order date time, Pickup Location, delivery date for WooCommerce plugin = 3.0.19 versions...
CVE-2023-28988
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PI Websolution Direct checkout, Add to cart redirect, Quick purchase button, Buy now button, Quick View button for WooCommerce plugin = 2.1.48 versions...
CVE-2023-28988
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PI Websolution Direct checkout, Add to cart redirect, Quick purchase button, Buy now button, Quick View button for WooCommerce plugin = 2.1.48 versions...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PI Websolution Conditional cart fee plugin = 1.0.96 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PI Websolution Direct checkout, Add to cart redirect, Quick purchase button, Buy now button, Quick View button for WooCommerce plugin = 2.1.48 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PI Websolution Order date, Order pickup, Order date time, Pickup Location, delivery date for WooCommerce plugin = 3.0.19 versions...
CVE-2023-29093 WordPress Conditional extra fees for woocommerce Plugin <= 1.0.96 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PI Websolution Conditional cart fee plugin = 1.0.96 versions...
CVE-2023-29093
CVE-2023-29093 is a Cross-Site Scripting vulnerability in the PI Websolution Conditional cart fee plugin for WordPress, affecting versions 1.0.96, specifically to 1.0.97, which addresses the XSS risk. Exploitation status is not detailed in the provided documents. Actionable takeaway: update the ...
CVE-2023-28991 WordPress Order date time for WooCommerce Plugin <= 3.0.19 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in PI Websolution Order date, Order pickup, Order date time, Pickup Location, delivery date for WooCommerce plugin = 3.0.19 versions...
CVE-2023-28991
CVE-2023-28991 corresponds to a Stored XSS vulnerability in the PI Websolution Order date, Order pickup, Order date time, Pickup Location, and delivery date components of the WP plugin for WooCommerce, affected