EUVD-2024-35395

Malicious code in bioql PyPI...

Woocommerce – Recent Purchases <= 1.0.1 - Authenticated (Admin+) Local File Inclusion

Description The Woocommerce – Recent Purchases plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary files on the serve...

CVE-2024-35629

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Wow-Company Easy Digital Downloads – Recent Purchases allows PHP Remote File Inclusion.This issue affects Easy Digital Downloads – Recent Purchases: from n/a through 1.0.2...

CVE-2024-35634

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Wow-Company Woocommerce – Recent Purchases allows PHP Local File Inclusion.This issue affects Woocommerce – Recent Purchases: from n/a through 1.0.1...

CVE-2024-35634

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Wow-Company Woocommerce – Recent Purchases allows PHP Local File Inclusion.This issue affects Woocommerce – Recent Purchases: from n/a through 1.0.1...

CVE-2024-35634 Woocommerce – Recent Purchases plugin <= 1.0.1 - File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Wow-Company Woocommerce – Recent Purchases allows PHP Local File Inclusion.This issue affects Woocommerce – Recent Purchases: from n/a through 1.0.1...

CVE-2024-35629 WordPress Easy Digital Downloads – Recent Purchases plugin <= 1.0.2 - Remote File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Wow-Company Easy Digital Downloads – Recent Purchases allows PHP Remote File Inclusion.This issue affects Easy Digital Downloads – Recent Purchases: from n/a through 1.0.2...

Woocommerce – Recent Purchases plugin <= 1.0.1 - File Inclusion vulnerability

File Inclusion vulnerability discovered by YCInfosec Patchstack Alliance in WordPress Plugin Woocommerce – Recent Purchases versions = 1.0.1...

WordPress Easy Digital Downloads – Recent Purchases plugin <= 1.0.2 - Remote File Inclusion vulnerability

Remote File Inclusion vulnerability discovered by YCInfosec Patchstack Alliance in WordPress Plugin Easy Digital Downloads – Recent Purchases versions = 1.0.2...

WordPress Easy Digital Downloads – Recent Purchases Plugin <= 1.0.2 is vulnerable to Remote File Inclusion

Software Easy Digital Downloads – Recent Purchases Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Remote File Inclusion CVE CVE-2024-35629 Patch priority Low CVSS severity Low 9.6 Developer Claim ownership PSID 23e0c1b90e02 Credits YCInfosec Require...

WordPress Woocommerce – Recent Purchases Plugin <= 1.0.1 is vulnerable to Local File Inclusion

Software Woocommerce – Recent Purchases Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-35634 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID 2f3df66f0e0f Credits YCInfosec Required privilege...

CVE-2017-3211

Yopify, an e-commerce notification plugin, up to April 06, 2017, leaks the first name, last initial, city, and recent purchase data of customers, all without user authorization...