227 matches found
EUVD-2026-39683
Unauthenticated Broken Access Control in Syncee Premium Dropshipping & Wholesale = 1.0.27 versions...
CVE-2026-9241
The FOX – Currency Switcher Professional for WooCommerce WordPress plugin (up to version 1.4.6) is affected by an Authorization Bypass through a user-controlled key. The flaw resides in get_value() in classes/fixed/fixed_user_role.php, which trusts the attacker-controlled $_REQUEST['wooc_order_us...
CVE-2026-4479
The WholeSale Products Dynamic Pricing Management WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress WholeSale Products Dynamic Pricing Management WooCommerce plugin <= 1.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings vulnerability
Authenticated Administrator+ Stored Cross-Site Scripting via Plugin Settings vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin WholeSale Products Dynamic Pricing Management WooCommerce versions = 1.2...
WordPress plugin WholeSale Products Dynamic Pricing Management 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
CVE-2026-27542
Incorrect Privilege Assignment vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead Capture woocommerce-wholesale-lead-capture allows Privilege Escalation.This issue affects Woocommerce Wholesale Lead Capture: from n/a through = 2.0.3.1...
CVE-2026-27540
Unrestricted Upload of File with Dangerous Type vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead Capture allows Using Malicious Files.This issue affects Woocommerce Wholesale Lead Capture: from n/a through 2.0.3.1...
CVE-2026-27540 WordPress Woocommerce Wholesale Lead Capture plugin <= 2.0.3.1 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead Capture allows Using Malicious Files.This issue affects Woocommerce Wholesale Lead Capture: from n/a through 2.0.3.1...
CVE-2026-27542 WordPress Woocommerce Wholesale Lead Capture plugin <= 2.0.3.1 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead Capture woocommerce-wholesale-lead-capture allows Privilege Escalation.This issue affects Woocommerce Wholesale Lead Capture: from n/a through = 2.0.3.1...
CVE-2026-27542
Incorrect Privilege Assignment vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead Capture allows Privilege Escalation.This issue affects Woocommerce Wholesale Lead Capture: from n/a through 2.0.3.1...
CVE-2026-27542
CVE-2026-27542 and CVE-2026-27540 affect the WordPress WooCommerce Wholesale Lead Capture plugin up to version 2.0.3.1. CVE-2026-27542 is an unauthenticated privilege-escalation in wwlc_create_user that can inject arbitrary WordPress capabilities (including administrator) during registration, ena...
WordPress plugin Woocommerce Wholesale Lead Capture 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Exploit for CVE-2026-27540
CVE-2026-27540-WordPress-Explo...
CVE-2026-27541
Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through = 2.2.6...
EUVD-2026-9651
Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through = 2.2.6...
CVE-2026-27541
Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through = 2.2.6...
CVE-2026-27541 WordPress Wholesale Suite plugin <= 2.2.6 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through = 2.2.6...
CVE-2026-27541
Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through = 2.2.6...
CVE-2026-27541 WordPress Wholesale Suite plugin <= 2.2.6 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through = 2.2.6...
CVE-2026-27541
CVE-2026-27541 pertains to the WordPress plugin Wholesale Suite (woocommerce-wholesale-prices)