CVE-2024-8724

The Waitlist Woocommerce Back in stock notifier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.7.5. This makes it possible for unauthenticated attackers to inject...

CVE-2024-43134

Missing Authorization vulnerability in xootix Waitlist Woocommerce Back in stock notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Waitlist Woocommerce Back in stock notifier : from n/a through 2.6...

CVE-2024-43134 WordPress Waitlist Woocommerce plugin <= 2.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in xootix Waitlist Woocommerce Back in stock notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Waitlist Woocommerce Back in stock notifier : from n/a through 2.6...

CVE-2024-43134 WordPress Waitlist Woocommerce plugin <= 2.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in xootix Waitlist Woocommerce Back in stock notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Waitlist Woocommerce Back in stock notifier : from n/a through 2.6...

PT-2024-30323 · WordPress · Waitlist Woocommerce

Name of the Vulnerable Software and Affected Versions: Waitlist Woocommerce Back in stock notifier versions n/a through 2.6 Description: The issue affects the Waitlist Woocommerce Back in stock notifier plugin due to a Missing Authorization vulnerability. This vulnerability allows exploitation of...

WordPress plugin Waitlist Woocommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Waitlist Woocommerce ( Back in stock notifier ) plugin <= 2.7.5 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Waitlist Woocommerce Back in stock notifier versions = 2.7.5...

CVE-2024-8724

The Waitlist Woocommerce Back in stock notifier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.7.5. This makes it possible for unauthenticated attackers to inject...

CVE-2024-8724 Waitlist Woocommerce ( Back in stock notifier ) <= 2.7.5 - Reflected Cross-Site Scripting

The Waitlist Woocommerce Back in stock notifier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.7.5. This makes it possible for unauthenticated attackers to inject...

CVE-2024-8724 Waitlist Woocommerce ( Back in stock notifier ) <= 2.7.5 - Reflected Cross-Site Scripting

The Waitlist Woocommerce Back in stock notifier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.7.5. This makes it possible for unauthenticated attackers to inject...

CVE-2024-8724

CVE-2024-8724 affects the WordPress Waitlist Woocommerce (Back in stock notifier) plugin. A reflected XSS exists in all versions up to 2.7.5 due to improper escaping when constructing URLs with add_query_arg, enabling unauthenticated attackers to inject scripts if a user clicks a manipulated link...

WordPress Waitlist Woocommerce plugin <= 2.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Waitlist Woocommerce Back in stock notifier versions = 2.6...

WordPress Waitlist Woocommerce ( Back in stock notifier ) Plugin <= 2.6 is vulnerable to Broken Access Control

Software Waitlist Woocommerce Back in stock notifier Type Plugin Vulnerable versions = 2.6 Fixed in 2.6.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43134 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 01b4cf6b7218 Credits Abd...

WordPress Waitlist Woocommerce ( Back in stock notifier ) Plugin <= 2.5.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Waitlist Woocommerce Back in stock notifier Type Plugin Vulnerable versions = 2.5.2 Fixed in 2.5.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 07a10e93bdb4 Credits N/...

CVE-2022-0215

The Login/Signup Popup, Waitlist Woocommerce Back in stock notifier , and Side Cart Woocommerce Ajax WordPress plugins by XootiX are vulnerable to Cross-Site Request Forgery via the savesettings function found in the /includes/xoo-framework/admin/class-xoo-admin-settings.php file which makes it...

Cross site request forgery (csrf)

The Login/Signup Popup, Waitlist Woocommerce Back in stock notifier , and Side Cart Woocommerce Ajax WordPress plugins by XootiX are vulnerable to Cross-Site Request Forgery via the savesettings function found in the /includes/xoo-framework/admin/class-xoo-admin-settings.php file which makes it...

WordPress plugins affected by critical vulnerability impacting 84,000 websites

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. WordPress powers over 43.0% of all the websites on the Internet. A Cross-Site Request Forgery vulnerability CVE-2022-0215 was discovered in three plugins of WordPress. This flaw made it possible for an attacker to update...