Lucene search
K

24 matches found

EUVD
EUVD
added 2026/06/27 6:50 a.m.10 views

EUVD-2026-39950

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Product SKU in all versions up to, and including, 5.0.4 due to insufficient input sanitization and output escaping. This mak...

6.4CVSS5.8AI score0.0022EPSS
Exploits0References8
OSV
OSV
added 2026/06/05 8:33 p.m.5 views

GHSA-H4MP-G9C6-XWPH Shopper: Missing authorization on Product admin Livewire sub-form components

Impact Sub-form Livewire components used in the product editor Edit, Inventory, Seo, Shipping, Files had no authorization on their store method. Any authenticated panel user, regardless of role, could mutate any product's pricing, stock, SEO metadata, shipping dimensions, and attached media witho...

6.5CVSS5.6AI score0.00221EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2023-41799

Malicious code in bioql PyPI...

7.5CVSS8AI score0.00552EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:50 a.m.3 views

CVE-2023-37972

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MultiVendorX Product Stock Manager & Notifier for WooCommerce.This issue affects Product Stock Manager & Notifier for WooCommerce: from n/a through 2.0.1...

7.5CVSS7.7AI score0.00552EPSS
Exploits0References1
NVD
NVD
added 2024/12/13 3:15 p.m.6 views

CVE-2023-37971

Missing Authorization vulnerability in MultiVendorX WooCommerce Product Stock Alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Product Stock Alert: from n/a through 2.0.1...

6.5CVSS0.00481EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/13 2:23 p.m.22 views

CVE-2023-37971 WordPress WooCommerce Product Stock Alert plugin <= 2.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in MultiVendorX WooCommerce Product Stock Alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Product Stock Alert: from n/a through 2.0.1...

6.5CVSS0.00481EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/13 12:0 a.m.2 views

PT-2024-12671 · WordPress · Woocommerce Product Stock Alert

Name of the Vulnerable Software and Affected Versions: WooCommerce Product Stock Alert versions 2.0.1 and earlier Description: The issue affects the WooCommerce Product Stock Alert plugin, allowing exploitation of incorrectly configured access control security levels due to a missing authorizatio...

6.5CVSS8.9AI score0.00481EPSS
Exploits0References7
NVD
NVD
added 2023/11/30 3:15 p.m.24 views

CVE-2023-37972

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MultiVendorX Product Stock Manager & Notifier for WooCommerce.This issue affects Product Stock Manager & Notifier for WooCommerce: from n/a through 2.0.1...

7.5CVSS0.00552EPSS
Exploits0References1
Prion
Prion
added 2023/11/30 3:15 p.m.14 views

Code injection

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MultiVendorX Product Stock Manager & Notifier for WooCommerce.This issue affects Product Stock Manager & Notifier for WooCommerce: from n/a through 2.0.1...

5CVSS7.1AI score0.00552EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/30 3:7 p.m.28 views

CVE-2023-37972 WordPress WooCommerce Product Stock Alert Plugin <= 2.0.1 is vulnerable to Sensitive Data Exposure

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MultiVendorX Product Stock Manager & Notifier for WooCommerce.This issue affects Product Stock Manager & Notifier for WooCommerce: from n/a through 2.0.1...

5.3CVSS7.7AI score0.00552EPSS
Exploits0References1
CVE
CVE
added 2023/11/30 3:7 p.m.38 views

CVE-2023-37972

CVE-2023-37972 – Information Disclosure in WordPress plugin “WooCommerce Product Stock Alert / Product Stock Manager & Notifier for WooCommerce” Affected software: Product Stock Manager & Notifier for WooCommerce (WordPress plugin) — commonly listed as WooCommerce Product Stock Alert. Root cause ...

7.5CVSS7.7AI score0.00552EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/11/30 12:0 a.m.3 views

WordPress Plugin Product Stock Manager & Notifier for WooCommerce Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Product Stock Manager &...

7.5CVSS6.3AI score0.00552EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/11/30 12:0 a.m.4 views

PT-2023-26219 · Woocommerce · Product Stock Manager & Notifier For Woocommerce

Name of the Vulnerable Software and Affected Versions: Product Stock Manager & Notifier for WooCommerce versions through 2.0.1 Description: The issue is related to Exposure of Sensitive Information to an Unauthorized Actor, affecting the Product Stock Manager & Notifier for WooCommerce...

7.5CVSS7.5AI score0.00552EPSS
Exploits0References4
Patchstack
Patchstack
added 2023/07/12 12:0 a.m.6 views

WordPress WooCommerce Product Stock Alert Plugin <= 2.0.1 is vulnerable to Settings Change

Software WooCommerce Product Stock Alert Type Plugin Vulnerable versions = 2.0.1 Fixed in 2.0.2 OWASP Top 10 A5: Broken Access Control Classification Settings Change CVE CVE-2023-37971 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID e561b9b30485 Credits Mika Required...

6.3AI score0.00481EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/12 12:0 a.m.9 views

WordPress WooCommerce Product Stock Alert Plugin <= 2.0.1 is vulnerable to Sensitive Data Exposure

Software WooCommerce Product Stock Alert Type Plugin Vulnerable versions = 2.0.1 Fixed in 2.0.2 OWASP Top 10 A5: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2023-37972 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 90d3154cbc8c Credits Mika Requir...

7.5CVSS6.6AI score0.00552EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/11/07 10:15 a.m.4 views

CVE-2022-3451

The Product Stock Manager WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow to update arbitrary options...

4.3CVSS5.9AI score0.00264EPSS
Exploits2References1
NVD
NVD
added 2022/11/07 10:15 a.m.26 views

CVE-2022-3451

The Product Stock Manager WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow to update arbitrary options...

4.3CVSS0.00264EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/11/07 12:0 a.m.27 views

CVE-2022-3451 Product Stock Manager < 1.0.5 - Subscriber+ Unauthorised AJAX Calls

The Product Stock Manager WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow to update arbitrary options...

5AI score0.00264EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/11/07 12:0 a.m.5 views

WordPress plugin Product Stock Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

4.3CVSS5.1AI score0.00264EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2022/11/07 12:0 a.m.9 views

CVE-2022-3451 Product Stock Manager < 1.0.5 - Subscriber+ Unauthorised AJAX Calls

The Product Stock Manager WordPress plugin before 1.0.5 does not have authorisation and proper CSRF checks in multiple AJAX actions, allowing users with a role as low as subscriber to call them. One action in particular could allow to update arbitrary options...

7.2AI score0.00264EPSS
Exploits2References1
Rows per page
Query Builder