16 matches found
EUVD-2023-41799
Malicious code in bioql PyPI...
CVE-2023-37972
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MultiVendorX Product Stock Manager & Notifier for WooCommerce. This issue affects Product Stock Manager & Notifier for WooCommerce: from n/a through 2.0.1...
CVE-2023-37972
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MultiVendorX Product Stock Manager & Notifier for WooCommerce. This issue affects Product Stock Manager & Notifier for WooCommerce: from n/a through 2.0.1...
Code injection
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MultiVendorX Product Stock Manager & Notifier for WooCommerce. This issue affects Product Stock Manager & Notifier for WooCommerce: from n/a through 2.0.1...
CVE-2023-37972 WordPress WooCommerce Product Stock Alert Plugin <= 2.0.1 is vulnerable to Sensitive Data Exposure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MultiVendorX Product Stock Manager & Notifier for WooCommerce. This issue affects Product Stock Manager & Notifier for WooCommerce: from n/a through 2.0.1...
CVE-2023-37972
CVE-2023-37972 – Information Disclosure in WordPress plugin “WooCommerce Product Stock Alert / Product Stock Manager & Notifier for WooCommerce” Affected software: Product Stock Manager & Notifier for WooCommerce (WordPress plugin) — commonly listed as WooCommerce Product Stock Alert. Root cause ...
PT-2023-26219 · Woocommerce · Product Stock Manager & Notifier For Woocommerce
Name of the Vulnerable Software and Affected Versions: Product Stock Manager & Notifier for WooCommerce versions through 2.0.1 Description: The issue is related to Exposure of Sensitive Information to an Unauthorized Actor, affecting the Product Stock Manager & Notifier for WooCommerce...
WordPress Plugin Product Stock Manager & Notifier for WooCommerce Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress Plugin Product Stock Manager &...
CVE-2022-3451
The Product Stock Manager WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow updating arbitrary options...
CVE-2022-3451
The Product Stock Manager WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow updating arbitrary options...
CVE-2022-3451 Product Stock Manager < 1.0.5 - Subscriber+ Unauthorised AJAX Calls
The Product Stock Manager WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow updating arbitrary options...
WordPress plugin Product Stock Manager security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. WordPress plugin is an...
CVE-2022-3451 Product Stock Manager < 1.0.5 - Subscriber+ Unauthorised AJAX Calls
The Product Stock Manager WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow updating arbitrary options...
CVE-2022-3451
The CVE-2022-3451 entry concerns the Product Stock Manager WordPress plugin up to version 1.0.4 (pre‑1.0.5). Reports in multiple connected sources confirm a lack of proper authorization and CSRF checks in several AJAX actions, enabling users with a role as low as subscriber to call these actions ...
Product Stock Manager < 1.0.5 - Subscriber+ Unauthorised AJAX Calls
The plugin does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow updating arbitrary options. PoC: To set the default role for new users to administrator, run the below command ...
Product Stock Manager < 1.0.5 - Subscriber+ Unauthorised AJAX Calls
The plugin does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow updating arbitrary options. To set the default role for new users to administrator, run the below command in t...