Lucene search
+L

6 matches found

NVD
NVD
added 2026/06/27 8:16 a.m.12 views

CVE-2026-11364

The Product Specifications for WooCommerce plugin for WordPress is vulnerable to unauthorized modification, creation, and deletion of data in versions up to and including 0.8.9. This is due to a missing capability check and missing nonce verification in the invoke methods of the...

4.3CVSS0.00213EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/27 6:50 a.m.33 views

CVE-2026-11364 Product Specifications for Woocommerce <= 0.8.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attribute/Group Creation, Modification, and Deletion via 'dwps_modify_groups' and 'dwps_modify_attributes' AJAX Actions

The Product Specifications for WooCommerce plugin for WordPress is vulnerable to unauthorized modification, creation, and deletion of data in versions up to and including 0.8.9. This is due to a missing capability check and missing nonce verification in the invoke methods of the...

4.3CVSS0.00213EPSS
Exploits0References8
OSV
OSV
added 2025/03/31 4:3 p.m.10 views

CGA-96X4-56PP-7R72

Bulletin has no description...

4.4CVSS7.2AI score0.00393EPSS
Exploits2
OSV
OSV
added 2023/05/09 1:15 p.m.4 views

CVE-2022-46858

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Amin A.Rezapour Product Specifications for Woocommerce plugin = 0.6.0 versions...

6.1CVSS5.8AI score0.00382EPSS
Exploits0References1
CVE
CVE
added 2023/05/09 11:40 a.m.40 views

CVE-2022-46858

CVE-2022-46858 affects the WordPress plugin Product Specifications for Woocommerce (Amin A. Rezapour) up to version 0.6.0 . The issue is an unauthenticated, reflected Cross-Site Scripting (XSS) via arbitrary query string parameters, enabling injected scripts when users visit a crafted URL. Public...

7.1CVSS6AI score0.00382EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/05/09 12:0 a.m.4 views

WordPress plugin Product Specifications for Woocommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

7.1CVSS6.8AI score0.00382EPSS
Exploits0References3
Rows per page
Query Builder