34 matches found
CVE-2026-27066
Missing Authorization vulnerability in PI Web Solution Live sales notification for WooCommerce live-sales-notifications-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live sales notification for WooCommerce: from n/a through = 2.3.60...
CVE-2026-27066
Missing Authorization vulnerability in PI Web Solution Live sales notification for WooCommerce live-sales-notifications-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live sales notification for WooCommerce: from n/a through = 2.3.60...
CVE-2026-27066
Missing Authorization vulnerability in PI Web Solution Live sales notification for WooCommerce live-sales-notifications-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live sales notification for WooCommerce: from n/a through = 2.3.61...
CVE-2026-27066
CVE-2026-27066 affects the WordPress plugin “Live sales notification for WooCommerce” (versions up to 2.3.49; some sources list up to 2.3.46). Root cause: missing authorization arising from incorrectly configured access control security levels that grant insufficiently restricted access. Impact: ...
CVE-2026-27066 WordPress Live sales notification for WooCommerce plugin <= 2.3.61 - Broken Access Control vulnerability
Missing Authorization vulnerability in PI Web Solution Live sales notification for WooCommerce live-sales-notifications-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live sales notification for WooCommerce: from n/a through = 2.3.61...
CVE-2026-27066 WordPress Live sales notification for WooCommerce plugin <= 2.3.60 - Broken Access Control vulnerability
Missing Authorization vulnerability in PI Web Solution Live sales notification for WooCommerce live-sales-notifications-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live sales notification for WooCommerce: from n/a through = 2.3.60...
PT-2026-20766
Missing Authorization vulnerability in PI Web Solution Live sales notification for WooCommerce live-sales-notifications-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live sales notification for WooCommerce: from n/a through = 2.3.46...
WordPress plugin Live sales notification for WooCommerce 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
WordPress Live Sales Notification for Woocommerce – Woomotiv plugin <= 3.6.3 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Live Sales Notification for Woocommerce - Woomotiv versions = 3.6.3...
EUVD-2025-201536
The Live Sales Notification for Woocommerce – Woomotiv plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'woomotivlimit' parameter in all versions up to, and including, 3.6.3 due to insufficient input sanitization and output escaping. This makes it possible for...
WordPress plugin Live Sales Notification for Woocommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Live sales notification for WooCommerce plugin missing authorization vulnerability
WordPress Live sales notification for WooCommerce plugin is a real-time sales notification tool designed for WooCommerce e-commerce platform, which displays recent purchases through pop-ups, and utilizes social proof to boost user trust and conversion rates. The WordPress Live sales notification...
EUVD-2025-197968
The Live sales notification for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.3.39. This is due to the "getOrders" function lacking proper authorization and capability checks when the plugin is configured to display recent order...
CVE-2025-12955
The CVE-2025-12955 issue affects the WordPress plugin Live Sales Notification for WooCommerce (versions up to and including 2.3.39). The root cause is missing authorization and capability checks in the getOrders function when configured to display recent orders, allowing unauthenticated users to ...
CVE-2025-12955 Live sales notification for WooCommerce <= 2.3.39 - Missing Authorization to Unauthenticated Customer Data Exposure
The Live sales notification for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.3.39. This is due to the "getOrders" function lacking proper authorization and capability checks when the plugin is configured to display recent order...
WordPress plugin Live sales notification for WooCommerce 安全漏洞
WordPress Live sales notification for WooCommerce plugin is a real-time sales notification tool designed for WooCommerce e-commerce platform, which displays recent purchases through pop-ups, and utilizes social proof to boost user trust and conversion rates. The WordPress Live sales notification...
CVE-2023-1087
The WC Sales Notification WordPress plugin before 1.2.3 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...
CVE-2024-12416
The Live Sales Notification for Woocommerce – Woomotiv plugin for WordPress is vulnerable to SQL Injection via the 'woomotivseenproducts.' cookie in all versions up to, and including, 3.6.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
WordPress Woomotiv plugin <= 3.6.1 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by Frissi0n in WordPress Plugin Live Sales Notification for Woocommerce - Woomotiv versions = 3.6.1...
CVE-2024-1325
The Live Sales Notification for Woocommerce – Woomotiv plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.3. This is due to missing or incorrect nonce validation on the 'ajaxcancelreview' function. This makes it possible for unauthenticated...