Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-39873

Malicious code in bioql PyPI...

8.8CVSS9.1AI score0.00221EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:37 a.m.7 views

CVE-2023-35880

Cross-Site Request Forgery CSRF vulnerability in WooCommerce WooCommerce Brands plugin = 1.6.49 versions...

8.8CVSS7.1AI score0.00221EPSS
Exploits0
OSV
OSV
added 2025/02/12 5:15 a.m.3 views

CVE-2024-11746

The Discover the Best Woocommerce Product Brands Plugin for WordPress – Woocommerce Brands Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'productbrand' shortcode in all versions up to, and including, 1.3.2 due to insufficient input sanitization and outp...

5.4CVSS7.4AI score0.00349EPSS
Exploits0References3
NVD
NVD
added 2025/02/12 5:15 a.m.29 views

CVE-2024-11746

The Discover the Best Woocommerce Product Brands Plugin for WordPress – Woocommerce Brands Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'productbrand' shortcode in all versions up to, and including, 1.3.2 due to insufficient input sanitization and outp...

6.4CVSS0.00349EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/12 4:22 a.m.27 views

CVE-2024-11746 Discover the Best Woocommerce Product Brands Plugin for WordPress – Woocommerce Brands Plugin <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Discover the Best Woocommerce Product Brands Plugin for WordPress – Woocommerce Brands Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'productbrand' shortcode in all versions up to, and including, 1.3.2 due to insufficient input sanitization and outp...

6.4CVSS0.00349EPSS
Exploits0References3
CVE
CVE
added 2025/02/12 4:22 a.m.54 views

CVE-2024-11746

CVE-2024-11746 affects the WordPress plugin “Discover the Best Woocommerce Product Brands Plugin for WordPress – Woocommerce Brands Plugin” up to version 1.3.2. The issue is a Stored XSS via the product_brand shortcode due to insufficient input sanitization and output escaping on user-supplied at...

6.4CVSS5.7AI score0.00349EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2025/02/11 10:10 p.m.5 views

WordPress GS Woocommerce Brands plugin <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin GS Woocommerce Brands versions = 1.3.2...

6.4CVSS5.7AI score0.00349EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/08/30 12:15 p.m.3 views

CVE-2023-32746

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Brands plugin = 1.6.45 versions...

5.4CVSS7.3AI score0.00374EPSS
Exploits1References1
NVD
NVD
added 2023/08/30 12:15 p.m.18 views

CVE-2023-32746

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Brands plugin = 1.6.45 versions...

6.5CVSS5.8AI score0.00374EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/08/30 12:0 a.m.5 views

PT-2023-23994 · Woocommerce · Woocommerce Brands

Name of the Vulnerable Software and Affected Versions: WooCommerce WooCommerce Brands plugin versions = 1.6.45 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability requires authentication and affects users with contributor or higher permissions...

6.5CVSS5.8AI score0.00374EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/08/30 12:0 a.m.5 views

WordPress plugin WooCommerce Brands 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS6.5AI score0.00374EPSS
Exploits1References2
NVD
NVD
added 2023/07/17 2:15 p.m.13 views

CVE-2023-35880

Cross-Site Request Forgery CSRF vulnerability in WooCommerce WooCommerce Brands plugin = 1.6.49 versions...

8.8CVSS0.00221EPSS
Exploits0References1
OSV
OSV
added 2023/07/17 2:15 p.m.5 views

CVE-2023-35880

Cross-Site Request Forgery CSRF vulnerability in WooCommerce WooCommerce Brands plugin = 1.6.49 versions...

8.8CVSS7.3AI score0.00221EPSS
Exploits0References1
CVE
CVE
added 2023/07/17 1:40 p.m.34 views

CVE-2023-35880

CVE-2023-35880: CSRF in WooCommerce Brands (WordPress plugin)

8.8CVSS7AI score0.00221EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/07/17 1:40 p.m.19 views

CVE-2023-35880 WordPress WooCommerce Brands Plugin <= 1.6.49 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in WooCommerce WooCommerce Brands plugin = 1.6.49 versions...

5.4CVSS9AI score0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/17 12:0 a.m.3 views

WordPress Plugin WooCommerce Brands 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

8.8CVSS8.2AI score0.00221EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/06/19 12:0 a.m.10 views

WordPress WooCommerce Brands Plugin <= 1.6.49 is vulnerable to Cross Site Request Forgery (CSRF)

Software WooCommerce Brands Type Plugin Vulnerable versions = 1.6.49 Fixed in 1.6.50 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-35880 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID f5fc6ab7da71 Credits Rafie Muhammad...

8.8CVSS6.6AI score0.00221EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/05/15 12:0 a.m.10 views

WordPress WooCommerce Brands Plugin <= 1.6.45 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Brands Type Plugin Vulnerable versions = 1.6.45 Fixed in 1.6.46 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32746 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0ef0c0a8b9a1 Credits Rafie Muhammad...

6.5CVSS5.7AI score0.00374EPSS
Exploits1References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/15 12:0 a.m.8 views

WooCommerce Brands < 1.6.46 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks PoC Add a Brand with an image, and assign it...

5.5AI score0.00374EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2019/10/31 12:0 a.m.14 views

WordPress YITH WooCommerce Brands Add-On plugin <=1.3.6 - Authenticated Settings Change (YITH Plugin Framework <=3.3.8) vulnerability

Authenticated Settings Change YITH Plugin Framework =3.3.8 vulnerability found by Jerome Bruandet in WordPress YITH WooCommerce Brands Add-On plugin versions =1.3.6. Solution Update the WordPress YITH WooCommerce Brands Add-On plugin to the latest available version at least 1.3.7...

4.3CVSS3AI score0.00948EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder