Lucene search
K

5 matches found

NVD
NVD
added 2024/12/17 8:15 a.m.18 views

CVE-2024-12220

The SMS for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forg...

6.1CVSS0.00217EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/17 7:23 a.m.16 views

CVE-2024-12220 SMS for WooCommerce <= 2.8.1 - Cross-Site Request Forgery to Reflected Cross-Site Scripting

The SMS for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forg...

6.1CVSS0.00217EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/17 12:0 a.m.3 views

WordPress plugin SMS for WooCommerce 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

6.1CVSS8.2AI score0.00217EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/12/17 12:0 a.m.4 views

PT-2024-17491 · WordPress · Sms For Woocommerce

Name of the Vulnerable Software and Affected Versions: SMS for WooCommerce plugin for WordPress versions up to, and including, 2.8.1 Description: The issue is due to missing or incorrect nonce validation on a function, making it possible for unauthenticated attackers to inject malicious web scrip...

6.1CVSS9.4AI score0.00217EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/12/16 10:19 p.m.4 views

WordPress SMS for WooCommerce plugin <= 2.8.1 - Cross-Site Request Forgery to Reflected Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin SMS for WooCommerce versions = 2.8.1...

6.1CVSS6.4AI score0.00217EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder