PT-2024-34195 · Wp Overnight · Woocommerce Pdf Invoices & Packing Slips

Name of the Vulnerable Software and Affected Versions: WooCommerce PDF Invoices & Packing Slips versions 3.8.6 and earlier Description: The issue is related to a Missing Authorization vulnerability in WP Overnight WooCommerce PDF Invoices & Packing Slips, which allows exploiting incorrectly...

WordPress PDF Invoices & Packing Slips for WooCommerce plugin <= 3.8.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WooCommerce PDF Invoices & Packing Slips versions = 3.8.6...

Wordpress Ninja Forms plugin 3.8.6 - 3.8.10 - Reflected XSS

Wordpress Ninja Forms plugin 3.8.6 - 3.8.10 - Reflected XSS vulnerability discovered by Erwan LR WPScan in WordPress Plugin Ninja Forms versions 3.8.6-3.8.10...

PT-2024-20788 · Unknown · Filecatalyst Direct

Name of the Vulnerable Software and Affected Versions: FileCatalyst Direct versions 3.8.6 through 3.8.8 Description: The web server in FileCatalyst Direct does not properly sanitize illegal characters in a URL, which can be displayed on a subsequent error page. This allows a malicious actor to...

CVE-2023-28422

Auth. admin+ Stored Cross-site Scripting XSS vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce = 3.8.6. versions...

Nextcloud 信息泄露漏洞

Nextcloud is a set of open source self-hosted file synchronization and sharing communication applications platform from Germany-based Nextcloud. nextcloud Richdocuments application in versions prior to 3.8.6 and 4.2.3 is vulnerable to an information disclosure vulnerability where the vulnerable...

CVE-2017-10899

SQL injection vulnerability in the A-Reserve and A-Reserve for MT cloud versions 3.8.6 and earlier allows an attacker to execute arbitrary SQL commands via unspecified vectors...