171 matches found
CVE-2023-37894
Unauth. Reflected Cross-Site Scripting XSS vulnerability in RadiusTheme Variation Images Gallery for WooCommerce plugin = 2.3.3 versions...
CVE-2023-37894
CVE-2023-37894 affects RadiusTheme Variation Images Gallery for WooCommerce (WordPress plugin) versions = 2.3.4 mitigates the vulnerability. The vulnerability details specify that exploitation does not require authentication and can be triggered via reflected input in the affected gallery feature...
CVE-2023-37975 WordPress Variation Swatches for WooCommerce Plugin <= 2.3.7 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in RadiusTheme Variation Swatches for WooCommerce plugin = 2.3.7 versions...
CVE-2023-37975
CVE-2023-37975 concerns RadiusTheme Variation Swatches for WooCommerce (WordPress plugin) before 2.3.8. It is an unauthenticated Reflected Cross‑Site Scripting (XSS) vulnerability in versions
CVE-2023-37975 WordPress Variation Swatches for WooCommerce Plugin <= 2.3.7 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in RadiusTheme Variation Swatches for WooCommerce plugin = 2.3.7 versions...
WordPress Plugin RadiusTheme Variation Images Gallery for WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Plugin RadiusTheme Variation Swatches for WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2023-26165 · WordPress · Radiustheme Variation Images Gallery
Name of the Vulnerable Software and Affected Versions: RadiusTheme Variation Images Gallery for WooCommerce plugin versions prior to 2.3.3 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This allows for malicious scripts to be injected into the...
WordPress Premmerce Variation Swatches for WooCommerce Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)
Software Premmerce Variation Swatches for WooCommerce Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Premmerce PSID 2a04ac1c6e8a Credits Rafie...
WordPress WooCommerce Variation Swatches for Products Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)
Software WooCommerce Variation Swatches for Products Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2750602126f2 Credits Rafie...
WordPress Swatchly – WooCommerce Variation Swatches for Products Plugin <= 1.2.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Swatchly – WooCommerce Variation Swatches for Products Type Plugin Vulnerable versions = 1.2.0 Fixed in 1.2.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-23792 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...
WordPress TH Variation Swatches Plugin <= 1.2.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software TH Variation Swatches Type Plugin Vulnerable versions = 1.2.7 Fixed in 1.2.8 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-28688 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID c365052e6ec0 Credits István Márton...
GHSA-QQV9-GQH5-7H99 Snipe-IT allows attackers to check whether a user account exists
Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request...
Psudohash - Password List Generator That Focuses On Keywords Mutated By Commonly Used Password Creation Patterns
psudohash is a password list generator for orchestrating brute force attacks. It imitates certain password creation patterns commonly used by humans, like substituting a word's letters with symbols or numbers, using char-case variations, adding a common padding before or after the word and more. ...
WordPress GS Variation Swatches for WooCommerce plugin <= 1.5.0 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by WPScanTeam in WordPress GS Variation Swatches for WooCommerce plugin versions = 1.5.0. Solution Update the WordPress GS Variation Swatches for WooCommerce plugin to the latest available version at least 1.6.0...
WordPress XT Variation Swatches for WooCommerce plugin <= 1.8.0 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress XT Variation Swatches for WooCommerce plugin versions = 1.8.0. Solution Update the WordPress XT Variation Swatches for WooCommerce plugin to the latest available version at least 1.8.1...
WordPress Premmerce Variation Swatches for WooCommerce plugin <= 1.2.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Premmerce Variation Swatches for WooCommerce plugin versions = 1.2.0. Solution Update the WordPress Premmerce Variation Swatches for WooCommerce plugin to the latest available version at least 1.2.1...
WordPress Premmerce Variation Swatches for WooCommerce plugin <= 1.2.0 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Premmerce Variation Swatches for WooCommerce plugin versions = 1.2.0. Solution Update the WordPress Premmerce Variation Swatches for WooCommerce plugin to the latest available version at least 1.2.1...
WordPress WooCommerce Variation Swatches for Products plugin <= 1.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WooCommerce Variation Swatches for Products plugin versions = 1.1. Solution No patched version available...
CVE-2021-42367
The Variation Swatches for WooCommerce WordPress plugin is vulnerable to Stored Cross-Site Scripting via several parameters found in the /includes/class-menu-page.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.1.1. Due to missing authorization...