WordPress EU/UK VAT Manager for WooCommerce plugin <= 2.12.12 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin EU/UK VAT Manager for WooCommerce versions = 2.12.12...

WordPress EU/UK VAT Manager for WooCommerce plugin <= 2.12.12 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by Francesco Carlucci in WordPress Plugin EU/UK VAT Manager for WooCommerce versions = 2.12.12...

CVE-2024-9189

The EU/UK VAT Manager for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the algwceuvatexemptvatfromadmin function in all versions up to, and including, 2.12.12. This makes it possible for unauthenticated attackers to updat...

CVE-2024-9189 EU/UK VAT Manager for WooCommerce <= 2.12.12 - Missing Authorization

The EU/UK VAT Manager for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the algwceuvatexemptvatfromadmin function in all versions up to, and including, 2.12.12. This makes it possible for unauthenticated attackers to updat...

PT-2024-39478 · WordPress · Eu/Uk Vat Manager For Woocommerce

Name of the Vulnerable Software and Affected Versions: EU/UK VAT Manager for WooCommerce plugin for WordPress versions up to, and including, 2.12.12 Description: The issue allows unauthorized modification of data due to a missing capability check on the alg wc eu vat exempt vat from admin functio...