2 matches found
PT-2024-27581
Name of the Vulnerable Software and Affected Versions Woffice Core versions through 5.4.8 Description A Cross Site Scripting XSS vulnerability in WofficeIO Woffice Core allows Reflected XSS. Recommendations For versions through 5.4.8, update to a version later than 5.4.8 to resolve the issue. At...
CVE-2023-2893
The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the processdeactivateproduct function. This makes it possible for unauthenticated attackers to deactivate products via ...