Lucene search
K

72 matches found

RedhatCVE
RedhatCVE
added 2026/04/09 7:23 p.m.5 views

CVE-2026-39662

Missing Authorization vulnerability in ProWCPlugins Product Price by Formula for WooCommerce product-price-by-formula-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Price by Formula for WooCommerce: from n/a through = 2.5.6...

5.3CVSS5.9AI score0.0019EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 9:31 a.m.3 views

EUVD-2026-20332

Missing Authorization vulnerability in ProWCPlugins Product Price by Formula for WooCommerce product-price-by-formula-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Price by Formula for WooCommerce: from n/a through = 2.5.6...

5.9AI score0.0019EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 9:16 a.m.3 views

CVE-2026-39662

Missing Authorization vulnerability in ProWCPlugins Product Price by Formula for WooCommerce product-price-by-formula-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Price by Formula for WooCommerce: from n/a through = 2.5.6...

5.3CVSS0.0019EPSS
Exploits0References1
CVE
CVE
added 2026/04/08 8:30 a.m.9 views

CVE-2026-39662

The connected sources confirm CVE-2026-39662 relates to a Missing Authorization / Broken Access Control vulnerability in the WordPress plugin “Product Price by Formula for WooCommerce” (ProWCPlugins). Affected product: Product Price by Formula for WooCommerce; vulnerable component: the plugin’s a...

5.3CVSS5.9AI score0.0019EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/08 8:30 a.m.4 views

CVE-2026-39662 WordPress Product Price by Formula for WooCommerce plugin <= 2.5.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in ProWCPlugins Product Price by Formula for WooCommerce product-price-by-formula-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Price by Formula for WooCommerce: from n/a through = 2.5.6...

5.3CVSS5.9AI score0.0019EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 8:30 a.m.24 views

CVE-2026-39662 WordPress Product Price by Formula for WooCommerce plugin <= 2.5.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in ProWCPlugins Product Price by Formula for WooCommerce product-price-by-formula-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Price by Formula for WooCommerce: from n/a through = 2.5.6...

5.3CVSS0.0019EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.9 views

WordPress plugin Product Price by Formula for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5.3CVSS5.8AI score0.0019EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/11 12:13 a.m.6 views

EUVD-2026-10923

Sylius has a DQL Injection via API Order Filters...

5.3CVSS5.8AI score0.00197EPSS
Exploits0References1
NVD
NVD
added 2026/03/10 10:16 p.m.5 views

CVE-2026-31825

Sylius is an Open Source eCommerce Framework on Symfony. Sylius API filters ProductPriceOrderFilter and TranslationOrderNameAndLocaleFilter pass user-supplied order direction values directly to Doctrine's orderBy without validation. An attacker can inject arbitrary DQL. The issue is fixed in...

5.3CVSS0.00197EPSS
Exploits0References1
CVE
CVE
added 2026/03/10 9:33 p.m.15 views

CVE-2026-31825

Sylius (Open Source eCommerce framework on Symfony) has a vulnerability in API filters ProductPriceOrderFilter and TranslationOrderNameAndLocaleFilter, where user-supplied order direction values are passed directly to Doctrine’s orderBy() without validation. This allows injection of arbitrary DQL...

5.3CVSS5.9AI score0.00197EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/10 9:33 p.m.3 views

CVE-2026-31825 Sylius has a DQL Injection via API Order Filters

Sylius is an Open Source eCommerce Framework on Symfony. Sylius API filters ProductPriceOrderFilter and TranslationOrderNameAndLocaleFilter pass user-supplied order direction values directly to Doctrine's orderBy without validation. An attacker can inject arbitrary DQL. The issue is fixed in...

5.3CVSS5.9AI score0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/10 9:33 p.m.28 views

CVE-2026-31825 Sylius has a DQL Injection via API Order Filters

Sylius is an Open Source eCommerce Framework on Symfony. Sylius API filters ProductPriceOrderFilter and TranslationOrderNameAndLocaleFilter pass user-supplied order direction values directly to Doctrine's orderBy without validation. An attacker can inject arbitrary DQL. The issue is fixed in...

5.3CVSS0.00197EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/10 9:33 p.m.5 views

CVE-2026-31825

Sylius is an Open Source eCommerce Framework on Symfony. Sylius API filters ProductPriceOrderFilter and TranslationOrderNameAndLocaleFilter pass user-supplied order direction values directly to Doctrine's orderBy without validation. An attacker can inject arbitrary DQL. The issue is fixed in...

5.3CVSS5.9AI score0.00197EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/03/10 9:33 p.m.4 views

CVE-2026-31825 Sylius has a DQL Injection via API Order Filters

Sylius is an Open Source eCommerce Framework on Symfony. Sylius API filters ProductPriceOrderFilter and TranslationOrderNameAndLocaleFilter pass user-supplied order direction values directly to Doctrine's orderBy without validation. An attacker can inject arbitrary DQL. The issue is fixed in...

5.3CVSS5.9AI score0.00197EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.6 views

PT-2026-24479

Name of the Vulnerable Software and Affected Versions Sylius versions 1.9.12 through 1.11.17 Sylius versions 1.12.23 through 1.13.15 Sylius versions 1.14.18 through 2.0.16 Sylius versions 2.1.12 through 2.2.3 Description Sylius is an Open Source eCommerce Framework on Symfony. The...

5.3CVSS5.9AI score0.00197EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/01/07 9:14 a.m.23 views

CVE-2024-2151

A vulnerability classified as problematic was found in SourceCodester Online Mobile Management Store 1.0. Affected by this vulnerability is an unknown functionality of the component Product Price Handler. The manipulation of the argument quantity with the input -1 leads to business logic errors...

5.3CVSS6.9AI score0.00546EPSS
Exploits1References1
CVE
CVE
added 2025/10/31 9:27 a.m.26 views

CVE-2025-12115

CVE-2025-12115 affects the WordPress plugin “WPC Name Your Price for WooCommerce” (versions up to and including 2.1.9). The root cause is that the plugin does not disable the ability to enter a custom price for a product when it has been disabled, allowing unauthenticated actors to purchase at lo...

7.5CVSS5.6AI score0.00269EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-34206

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00802EPSS
Exploits3References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-52559

Malicious code in bioql PyPI...

7.1CVSS8.9AI score0.00202EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-4793

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.03885EPSS
Exploits1References7
Rows per page
Query Builder