CVE-2026-39672

Missing Authorization vulnerability in shiptime ShipTime: Discounted Shipping Rates shiptime-discount-shipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShipTime: Discounted Shipping Rates: from n/a through = 1.1.1...

EUVD-2026-20350

Missing Authorization vulnerability in shiptime ShipTime: Discounted Shipping Rates shiptime-discount-shipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShipTime: Discounted Shipping Rates: from n/a through = 1.1.1...

CVE-2026-39672

Missing Authorization vulnerability in shiptime ShipTime: Discounted Shipping Rates shiptime-discount-shipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShipTime: Discounted Shipping Rates: from n/a through = 1.1.1...

CVE-2026-39672 WordPress ShipTime: Discounted Shipping Rates plugin <= 1.1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in shiptime ShipTime: Discounted Shipping Rates shiptime-discount-shipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShipTime: Discounted Shipping Rates: from n/a through = 1.1.1...

CVE-2026-39672

The connected sources confirm CVE-2026-39672 relates to the WordPress plugin ShipTime: Discounted Shipping Rates (shiptime-discount-shipping) with a Broken Access Control (Missing Authorization) vulnerability affecting version

CVE-2026-39672

Missing Authorization vulnerability in shiptime ShipTime: Discounted Shipping Rates shiptime-discount-shipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShipTime: Discounted Shipping Rates: from n/a through = 1.1.1...

CVE-2026-39672 WordPress ShipTime: Discounted Shipping Rates plugin <= 1.1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in shiptime ShipTime: Discounted Shipping Rates shiptime-discount-shipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShipTime: Discounted Shipping Rates: from n/a through = 1.1.1...

CVE-2026-25456

Missing Authorization vulnerability in Aarsiv Groups Automated FedEx live/manual rates with shipping labels a2z-fedex-shipping allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Automated FedEx live/manual rates with shipping labels: from n/a through = 5.1....

CVE-2026-0678 Shipping Rates by City for WooCommerce <= 1.0.3 - Authenticated (Shop Manager+) SQL Injection via 'cities' Parameter

The Flat Shipping Rate by City for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the 'cities' parameter in all versions up to, and including, 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

CVE-2026-0678

The CVE-2026-0678 affects the WordPress plugin 'Shipping Rate By Cities' (Shipping Rates by City for WooCommerce). It is a time-based SQL Injection in the cities parameter for all versions up to 1.0.3 due to insufficient escaping and lack of proper query preparation. Exploitation requires Shop Ma...

WordPress Shipping Rates by City for WooCommerce plugin <= 1.0.3 - Authenticated (Shop Manager+) SQL Injection via 'cities' Parameter vulnerability

Authenticated Shop Manager+ SQL Injection via 'cities' Parameter vulnerability discovered by Nguyen Truong Roll - FPT IS in WordPress Plugin Shipping Rates by City for WooCommerce versions = 1.0.3...

EUVD-2023-41816

Malicious code in bioql PyPI...

CVE-2023-37989

Missing Authorization vulnerability in Easyship Easyship WooCommerce Shipping Rates allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easyship WooCommerce Shipping Rates: from n/a through 0.9.0...

CVE-2025-2789

The MultiVendorX – Empower Your WooCommerce Store with a Dynamic Multivendor Marketplace – Build the Next Amazon, eBay, Etsy plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deletetablerateshippingrow function in all versions up to, and...

CVE-2023-37989

Missing Authorization vulnerability in Easyship Easyship WooCommerce Shipping Rates easyship-woocommerce-shipping-rates allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easyship WooCommerce Shipping Rates: from n/a through = 0.9.0...

CVE-2023-37989 WordPress Easyship WooCommerce Shipping Rates plugin <= 0.9.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Easyship Easyship WooCommerce Shipping Rates allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easyship WooCommerce Shipping Rates: from n/a through 0.9.0...

CVE-2023-37989

CVE-2023-37989 represents a Missing Authorization vulnerability in the Easyship WooCommerce Shipping Rates plugin for WordPress. Affected: Easyship WooCommerce Shipping Rates versions

WordPress plugin Easyship WooCommerce Shipping Rates 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping plugin = 1.6.4.4 versions...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. GET /checkout/shippingrates crashes the server when checkout step has already advanced from Delivery step using the web. Server crashes and needs to be restarted. Details Denial of Service DoS describes a family o...