33 matches found
CVE-2025-26553
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spring Devs Pre Order Addon for WooCommerce – Advance Order/Backorder Plugin wc-pre-order allows Reflected XSS.This issue affects Pre Order Addon for WooCommerce – Advance Order/Backorder Plugin:...
CVE-2024-43943
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Wpsoul Greenshift Woocommerce Addon allows SQL Injection.This issue affects Greenshift Woocommerce Addon: from n/a before 1.9.8...
PT-2024-16337 · WordPress · Wishlist For Woocommerce: Multi Wishlists Per Customer
Name of the Vulnerable Software and Affected Versions: The Wishlist for WooCommerce: Multi Wishlists Per Customer PRO plugin for WordPress versions 3.0.8 through 3.1.2 Description: The issue is related to Reflected Cross-Site Scripting due to insufficient input sanitization and output escaping vi...
CVE-2024-43943
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Wpsoul Greenshift Woocommerce Addon allows SQL Injection.This issue affects Greenshift Woocommerce Addon: from n/a before 1.9.8...
CVE-2024-43943 WordPress Greenshift Woocommerce Addon plugin < 1.9.8 - Subscriber+ SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Wpsoul Greenshift Woocommerce Addon allows SQL Injection.This issue affects Greenshift Woocommerce Addon: from n/a before 1.9.8...
CVE-2024-43943 WordPress Greenshift Woocommerce Addon plugin < 1.9.8 - Subscriber+ SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Wpsoul Greenshift Woocommerce Addon allows SQL Injection.This issue affects Greenshift Woocommerce Addon: from n/a before 1.9.8...
CVE-2024-43943
CVE-2024-43943 is an SQL Injection in the Greenshift WooCommerce Addon (Wpsoul Greenshift WooCommerce Addon) and affects before version 1.9.8. The connected documents confirm the vulnerability and indicate the fix is in 1.9.8 or later; no explicit exploitation details are provided. Remediation: u...
WordPress plugin Wpsoul Greenshift Woocommerce Addon SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...
WordPress Greenshift Woocommerce Addon plugin < 1.9.8 - Subscriber+ SQL Injection vulnerability
Subscriber+ SQL Injection vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Greenshift Woocommerce Addon versions 1.9.8...
WordPress Greenshift Woocommerce Addon Plugin < 1.9.8 is vulnerable to SQL Injection
Software Greenshift Woocommerce Addon Type Plugin Vulnerable versions 1.9.8 Fixed in 1.9.8 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-43943 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 998dac6720c9 Credits Dave Jong Patchstack Required...
CVE-2024-35662
Missing Authorization vulnerability in Andreas Sofantzis Simple COD Fees for WooCommerce.This issue affects Simple COD Fees for WooCommerce: from n/a through 2.0.2...
WordPress plugin All in One B2B for WooCommerce Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
WordPress 插件跨站请求伪造漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. Countdown and CountUp WooCommerce Sales Timer...