Custom Product Tabs for WooCommerce < 1.7.8 - Unauthenticated Toggle Content Setting Update

YIKES Inc. Custom Product Tabs for WooCommerce plugin \u003C= 1.7.7 contains a broken access control caused by improper permission checks in &yikes-the-content-toggle option update, letting attackers modify content without authorization. id: CVE-2022-28666 info: name: Custom Product Tabs for...

WordPress Category and Product Woocommerce Tabs plugin <= 1.0 - Authenticated (Contributor+) Local File Inclusion vulnerability

Authenticated Contributor+ Local File Inclusion vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Category and Product Woocommerce Tabs versions = 1.0...

EUVD-2022-46464

Malicious code in bioql PyPI...

EUVD-2025-11124

Malicious code in bioql PyPI...

EUVD-2025-27399

Malicious code in bioql PyPI...

CVE-2025-58985

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Additional Custom Product Tabs for WooCommerce product-tabs-for-woocommerce allows Stored XSS.This issue affects Additional Custom Product Tabs for WooCommerce: from n/a through = 1.7.3...

CVE-2025-58985

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Additional Custom Product Tabs for WooCommerce product-tabs-for-woocommerce allows Stored XSS.This issue affects Additional Custom Product Tabs for WooCommerce: from n/a through = 1.7.3...

WordPress Additional Custom Product Tabs for WooCommerce Plugin <= 1.7.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Additional Custom Product Tabs for WooCommerce versions = 1.7.3...

CVE-2025-58985

CVE-2025-58985 concerns the WordPress plugin Additional Custom Product Tabs for WooCommerce where versions up to and including 1.7.3 are affected by a Stored Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. The issue is attributed to WPF...

CVE-2025-58985 WordPress Additional Custom Product Tabs for WooCommerce Plugin <= 1.7.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Additional Custom Product Tabs for WooCommerce product-tabs-for-woocommerce allows Stored XSS.This issue affects Additional Custom Product Tabs for WooCommerce: from n/a through = 1.7.3...

CVE-2025-58985 WordPress Additional Custom Product Tabs for WooCommerce Plugin <= 1.7.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Additional Custom Product Tabs for WooCommerce allows Stored XSS. This issue affects Additional Custom Product Tabs for WooCommerce: from n/a through 1.7.3...

WordPress plugin Additional Custom Product Tabs for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

PT-2025-36806

Name of the Vulnerable Software and Affected Versions: Additional Custom Product Tabs for WooCommerce versions through 1.7.3 Description: The software contains a cross-site scripting XSS issue due to improper neutralization of input during web page generation. This allows for stored XSS attacks...

CVE-2025-26749

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Additional Custom Product Tabs for WooCommerce product-tabs-for-woocommerce allows Stored XSS.This issue affects Additional Custom Product Tabs for WooCommerce: from n/a through = 1.7.0...

CVE-2025-26749

CVE-2025-26749: Stored XSS in WPFactory Additional Custom Product Tabs for WooCommerce (Authenticated) affects the WordPress plugin Additional Custom Product Tabs for WooCommerce, versions up to 1.7.0. Root cause is improper neutralization of input during web page generation, enabling stored cros...

WordPress Tabs for WooCommerce plugin <= 1.0.0 - Authentiated (Shop Manager+) PHP Object Injection in product_has_custom_tabs vulnerability

Authentiated Shop Manager+ PHP Object Injection in producthascustomtabs vulnerability discovered by Francesco Carlucci in WordPress Plugin Tabs for WooCommerce versions = 1.0.0...

WordPress Custom Product Tabs Lite for WooCommerce plugin <= 1.9.0 - Authenticated (Shop Manager+) PHP Object Injection vulnerability

Authenticated Shop Manager+ PHP Object Injection vulnerability discovered by Francesco Carlucci in WordPress Plugin Custom Product Tabs Lite for WooCommerce versions = 1.9.0...

CVE-2024-12600 Custom Product Tabs Lite for WooCommerce <= 1.9.0 - Authenticated (Shop Manager+) PHP Object Injection

The Custom Product Tabs Lite for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.0 via deserialization of untrusted input from the 'frswooproducttabs' parameter. This makes it possible for authenticated attackers, with Shop...

CVE-2024-12600 Custom Product Tabs Lite for WooCommerce <= 1.9.0 - Authenticated (Shop Manager+) PHP Object Injection

The Custom Product Tabs Lite for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.0 via deserialization of untrusted input from the 'frswooproducttabs' parameter. This makes it possible for authenticated attackers, with Shop...

WordPress plugin Custom Product Tabs Lite for WooCommerce 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...