EUVD-2023-38128

Malicious code in bioql PyPI...

EUVD-2023-38127

Malicious code in bioql PyPI...

CVE-2024-24799

Missing Authorization vulnerability in WooCommerce WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.2.2...

CVE-2023-34004

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Box Office plugin = 1.1.50 versions...

CVE-2023-34003

Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.1.51...

CVE-2023-34003

Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.1.51...

CVE-2023-34003

Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.1.51...

PT-2024-12459 · Woocommerce · Woocommerce Box Office

Name of the Vulnerable Software and Affected Versions: WooCommerce Box Office versions 1.1.51 and earlier Description: The issue is related to a Missing Authorization vulnerability in Woo WooCommerce Box Office. This vulnerability affects the authorization mechanism, potentially allowing...

WordPress plugin WooCommerce Box Office Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-24799

Missing Authorization vulnerability in WooCommerce WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.2.2...

WordPress Plugin WooCommerce Box Office 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

PT-2024-20567 · Woocommerce · Woocommerce Box Office

Name of the Vulnerable Software and Affected Versions: WooCommerce Box Office versions 1.2.2 and earlier Description: The issue is related to a Missing Authorization vulnerability in WooCommerce Box Office. Recommendations: For versions 1.2.2 and earlier, update to a version that contains a fix f...

WordPress WooCommerce Box Office Plugin <= 1.2.2 is vulnerable to Broken Access Control

Software WooCommerce Box Office Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-24799 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2e62ee904d23 Credits Rafie Muhammad...

CVE-2023-34004

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Box Office plugin = 1.1.50 versions...

PT-2023-24623 · WordPress · Woocommerce Box Office

Name of the Vulnerable Software and Affected Versions: WooCommerce Box Office plugin versions = 1.1.50 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability can be exploited by authenticated users with contributor or higher permissions. There is ...

WordPress plugin WooCommerce Box Office 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress WooCommerce Box Office Plugin <= 1.1.50 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Box Office Type Plugin Vulnerable versions = 1.1.50 Fixed in 1.1.51 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-34004 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 270c72521204 Credits Rafie Muhammad...

WooCommerce Box Office < 1.1.51 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC tickets columns='111"...