Lucene search
K

196 matches found

NVD
NVD
added 2025/04/01 9:15 p.m.19 views

CVE-2025-31553

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPFactory Advanced WooCommerce Product Sales Reporting webd-woocommerce-advanced-reporting-statistics allows SQL Injection.This issue affects Advanced WooCommerce Product Sales Reporting: from n/a...

9.3CVSS0.00509EPSS
Exploits0References1
NVD
NVD
added 2025/04/01 3:16 p.m.27 views

CVE-2025-31848

Missing Authorization vulnerability in WPFactory Adverts adverts-click-tracker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Adverts: from n/a through = 1.4...

5.3CVSS0.00421EPSS
Exploits0References1
CVE
CVE
added 2025/04/01 2:51 p.m.65 views

CVE-2025-31848

CVE-2025-31848 is a Missing Authorization vulnerability in the WordPress Adverts Plugin (WPFactory) related to the Adverts Click Tracker. Public data indicates impact on the plugin version range “n/a through 1.4” with a CVSS 3.1 base score of 5.3 (Medium) and the attack vector as network, no user...

5.3CVSS7.2AI score0.00421EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.9 views

PT-2025-14425 · WordPress · Wpfactory Advanced Woocommerce Product Sales Reporting

Name of the Vulnerable Software and Affected Versions: WPFactory Advanced WooCommerce Product Sales Reporting versions 3.1 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL...

9.3CVSS9.6AI score0.00509EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.6 views

PT-2025-14226 · WordPress · Wpfactory Wordpress Adverts Plugin

Name of the Vulnerable Software and Affected Versions: WPFactory WordPress Adverts Plugin versions 1.4 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows the exploitation of incorrectly configured access control security levels. Recommendations: F...

5.3CVSS6AI score0.00421EPSS
Exploits0References3
NVD
NVD
added 2025/03/31 1:15 p.m.12 views

CVE-2025-31598

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Quantity Dynamic Pricing & Bulk Discounts for WooCommerce wholesale-pricing-woocommerce allows Stored XSS.This issue affects Quantity Dynamic Pricing & Bulk Discounts for WooCommerce: fro...

6.5CVSS0.00237EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/31 12:55 p.m.26 views

CVE-2025-31598 WordPress Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin <= 4.0.3 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Quantity Dynamic Pricing & Bulk Discounts for WooCommerce wholesale-pricing-woocommerce allows Stored XSS.This issue affects Quantity Dynamic Pricing & Bulk Discounts for WooCommerce: fro...

6.5CVSS0.00237EPSS
Exploits0References1
CVE
CVE
added 2025/03/31 12:55 p.m.68 views

CVE-2025-31598

CVE-2025-31598 is a stored XSS in the WordPress plugin “Quantity Dynamic Pricing & Bulk Discounts for WooCommerce” (

6.5CVSS7.2AI score0.00237EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/29 2:31 p.m.9 views

CVE-2025-22673

Missing Authorization vulnerability in WPFactory EAN for WooCommerce ean-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EAN for WooCommerce: from n/a through = 5.3.5...

4.3CVSS7.2AI score0.00247EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/29 11:53 a.m.4 views

CVE-2025-30781

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in WPFactory Scheduled & Automatic Order Status Controller for WooCommerce order-status-rules-for-woocommerce allows Phishing.This issue affects Scheduled & Automatic Order Status Controller for WooCommerce: from n/a through = 3.7.1...

4.7CVSS7.2AI score0.00436EPSS
Exploits0References1
NVD
NVD
added 2025/03/27 2:15 p.m.12 views

CVE-2025-22673

Missing Authorization vulnerability in WPFactory EAN for WooCommerce ean-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EAN for WooCommerce: from n/a through = 5.3.5...

4.3CVSS0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/27 2:12 p.m.25 views

CVE-2025-22673 WordPress EAN Barcode Generator <= 5.3.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPFactory EAN for WooCommerce ean-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EAN for WooCommerce: from n/a through = 5.3.5...

4.3CVSS0.00247EPSS
Exploits0References1
NVD
NVD
added 2025/03/27 11:15 a.m.4 views

CVE-2025-30781

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in WPFactory Scheduled & Automatic Order Status Controller for WooCommerce order-status-rules-for-woocommerce allows Phishing.This issue affects Scheduled & Automatic Order Status Controller for WooCommerce: from n/a through = 3.7.1...

4.7CVSS0.00436EPSS
Exploits0References1
CVE
CVE
added 2025/03/27 10:54 a.m.45 views

CVE-2025-30781

CVE-2025-30781 concerns the Scheduled & Automatic Order Status Controller for WooCommerce. It describes an Open Redirect vulnerability that could enable phishing by redirecting users to untrusted sites. Affected software ranges “from n/a through 3.7.1.” Connected vulnerability listings indicate t...

4.7CVSS8.7AI score0.00436EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/27 10:54 a.m.16 views

CVE-2025-30781 WordPress Scheduled & Automatic Order Status Controller for WooCommerce plugin <= 3.7.1 - Open Redirection Vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in WPFactory Scheduled & Automatic Order Status Controller for WooCommerce order-status-rules-for-woocommerce allows Phishing.This issue affects Scheduled & Automatic Order Status Controller for WooCommerce: from n/a through = 3.7.1...

4.7CVSS0.00436EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:45 p.m.15 views

CVE-2024-43127

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WPFactory Products, Order & Customers Export for WooCommerce allows Reflected XSS.This issue affects Products, Order & Customers Export for WooCommerce: from n/a through 2.0.11...

7.1CVSS6.8AI score0.00284EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 9:22 a.m.5 views

CVE-2024-56228

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Wishlist for WooCommerce wish-list-for-woocommerce.This issue affects Wishlist for WooCommerce: from n/a through = 3.1.2...

7.1CVSS7.2AI score0.0027EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:2 a.m.10 views

CVE-2024-49305

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPFactory Email Verification for WooCommerce emails-verification-for-woocommerce allows SQL Injection.This issue affects Email Verification for WooCommerce: from n/a through = 2.8.10...

9.3CVSS5.9AI score0.00403EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 4:8 a.m.7 views

CVE-2024-54332

Cross-Site Request Forgery CSRF vulnerability in WPFactory WP Currency Exchange Rates wp-currency-exchange-rates allows Stored XSS.This issue affects WP Currency Exchange Rates: from n/a through = 1.2.0...

7.1CVSS7.2AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 4:1 a.m.5 views

CVE-2024-54209

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Awesome Shortcodes awesome-shortcodes allows Reflected XSS.This issue affects Awesome Shortcodes: from n/a through = 1.7.2...

7.1CVSS7.2AI score0.00259EPSS
Exploits0References1
Rows per page
Query Builder