Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-8401

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.00596EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/04/25 12:0 a.m.4 views

WordPress plugin Upsell Funnel Builder for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.2AI score0.00339EPSS
Exploits0References8
GithubExploit
GithubExploit
added 2025/03/28 10:29 a.m.352 views

Exploit for CVE-2025-30772

🚨 CVE-2025-30772 - Privilege Escalation in WPC Smart Upsell Fu...

8.8CVSS9AI score0.00596EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2025/03/28 12:0 a.m.11 views

WordPress WPC Smart Upsell Funnel for WooCommerce 3.0.4 Privilege Escalation

A missing authorization vulnerability in the WPC Smart Upsell Funnel for WooCommerce plugin versions through 3.0.4 allows authenticated users with minimal privileges e.g., subscriber to escalate their privileges by modifying arbitrary WordPress options via a vulnerable AJAX endpoint...

8.8CVSS7AI score0.00596EPSS
Exploits1
Patchstack
Patchstack
added 2025/03/27 9:34 p.m.8 views

WordPress WPC Smart Upsell Funnel for WooCommerce plugin <= 3.0.4 - Arbitrary Option Update to Privilege Escalation vulnerability

Arbitrary Option Update to Privilege Escalation vulnerability discovered by LVT-tholv2k in WordPress Plugin WPC Smart Upsell Funnel for WooCommerce versions = 3.0.4...

8.8CVSS7AI score0.00596EPSS
Exploits1Affected Software1
Cvelist
Cvelist
added 2025/03/27 10:54 a.m.22 views

CVE-2025-30772 WordPress WPC Smart Upsell Funnel for WooCommerce plugin <= 3.0.4 - Arbitrary Option Update to Privilege Escalation vulnerability

Missing Authorization vulnerability in WPClever WPC Smart Upsell Funnel for WooCommerce wpc-smart-upsell-funnel allows Privilege Escalation.This issue affects WPC Smart Upsell Funnel for WooCommerce: from n/a through = 3.0.4...

8.8CVSS0.00596EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/03/27 12:0 a.m.10 views

PT-2025-13058 · Woocommerce · Wpc Smart Upsell Funnel

Name of the Vulnerable Software and Affected Versions: WPC Smart Upsell Funnel for WooCommerce versions 3.0.4 and earlier Description: The issue is related to a Missing Authorization vulnerability that allows Privilege Escalation in WPC Smart Upsell Funnel for WooCommerce. This vulnerability can ...

8.8CVSS8.8AI score0.00596EPSS
Exploits1References8
CNNVD
CNNVD
added 2025/03/27 12:0 a.m.11 views

WordPress plugin WPC Smart Upsell Funnel for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS8.4AI score0.00596EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/12/21 7:3 a.m.19 views

CVE-2024-11938 One Click Upsell Funnel for WooCommerce <= 3.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via wps_wocuf_pro_yes Shortcode

The One Click Upsell Funnel for WooCommerce – Funnel Builder for WordPress, Create WooCommerce Upsell, Post-Purchase Upsell & Cross Sell Offers that Boost Sales & Increase Profits with Sales Funnel Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...

6.4CVSS0.00338EPSS
Exploits0References4
CVE
CVE
added 2024/12/21 7:3 a.m.42 views

CVE-2024-11938

CVE-2024-11938 affects the One Click Upsell Funnel for WooCommerce – Free Funnel Builder to create WooCommerce Upsell (WordPress plugin). The vulnerability is a Stored Cross-Site Scripting (XSS) via the wps_wocuf_pro_yes shortcode attributes, caused by insufficient input sanitization and output e...

6.4CVSS5.7AI score0.00338EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/12/20 8:32 p.m.2 views

WordPress One Click Upsell Funnel for WooCommerce plugin <= 3.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via wps_wocuf_pro_yes Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via wpswocufproyes Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin One Click Upsell Funnel for WooCommerce versions = 3.4.9...

6.4CVSS5.8AI score0.00338EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder