13 matches found
CVE-2026-49110
Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce = 3.1.4 versions...
CVE-2026-49110
The CVE-2026-49110 entry concerns the WordPress plugin Upsell Order Bump Offer for WooCommerce, affected in versions <= 3.1.4. It describes an Unauthenticated Broken Authentication vulnerability enabling price manipulation in Upsell Order Bump offers. CVSSv3.1 metrics indicate Network attack v...
CVE-2026-49110 WordPress Upsell Order Bump Offer for WooCommerce plugin <= 3.1.4 - Price Manipulation vulnerability
Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce = 3.1.4 versions...
EUVD-2026-36885
Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce = 3.1.4 versions...
PT-2026-49510
Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce = 3.1.4 versions...
WordPress Upsell Order Bump Offer for WooCommerce plugin <= 3.1.4 - Price Manipulation vulnerability
Price Manipulation vulnerability discovered by Jakub Herman in WordPress Plugin Upsell Order Bump Offer for WooCommerce versions = 3.1.4...
EUVD-2025-30484
Malicious code in bioql PyPI...
CVE-2025-59565
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Swings Upsell Order Bump Offer for WooCommerce upsell-order-bump-offer-for-woocommerce allows Stored XSS.This issue affects Upsell Order Bump Offer for WooCommerce: from n/a through = 3.0.7...
CVE-2025-59565
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Swings Upsell Order Bump Offer for WooCommerce upsell-order-bump-offer-for-woocommerce allows Stored XSS.This issue affects Upsell Order Bump Offer for WooCommerce: from n/a through = 3.0.7...
WordPress Upsell Order Bump Offer for WooCommerce Plugin <= 3.0.7 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Upsell Order Bump Offer for WooCommerce versions = 3.0.7...
CVE-2025-59565 WordPress Upsell Order Bump Offer for WooCommerce Plugin <= 3.0.7 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Swings Upsell Order Bump Offer for WooCommerce upsell-order-bump-offer-for-woocommerce allows Stored XSS.This issue affects Upsell Order Bump Offer for WooCommerce: from n/a through = 3.0.7...
CVE-2025-59565
CVE-2025-59565 is a Stored XSS in the Upsell Order Bump Offer for WooCommerce WordPress plugin affecting versions up to 3.0.7. Root cause: improper input neutralization during web page generation. Impact: attacker-supplied script stored on vulnerable sites; Wordfence notes patch status as Patched...
WordPress plugin Upsell Order Bump Offer for WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based...