PT-2024-24305 · Woocommerce · Extra Product Options Builder For Woocommerce

Name of the Vulnerable Software and Affected Versions: Extra Product Options Builder for WooCommerce versions 1.2.104 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...

WordPress WooCommerce PDF Invoice Builder Plugin <= 1.2.103 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce PDF Invoice Builder Type Plugin Vulnerable versions = 1.2.103 Fixed in 1.2.104 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-46076 Patch priority High CVSS severity High 7.1 Developer Edgar Rojas PSID e196625e8b7e Credits LEE S...

Cherokee Web Server 0.4.27 <= 1.2.104 DoS Vulnerability

Cherokee Web Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PT-2020-10770 · Cherokee · Cherokee

Name of the Vulnerable Software and Affected Versions: Cherokee versions 1.2.104 and earlier Description: The issue allows remote attackers to trigger an out-of-bounds write in cherokee handler cgi add env pair in handler cgi.c by sending many request headers, as demonstrated by a GET request wit...