40 matches found
WooCommerce Designer Pro <= 1.9.28 - Arbitrary File Read
WooCommerce Designer Pro theme for WordPress = 1.9.28 contains an arbitrary file read vulnerability caused by improper input validation, letting unauthenticated attackers read arbitrary files including sensitive configuration files, exploit requires no authentication. id: CVE-2025-10897 info: nam...
CVE-2026-57329
Subscriber Cross Site Scripting XSS in WooCommerce Designer Pro = 1.9.34 versions...
CVE-2026-57329 WordPress WooCommerce Designer Pro plugin <= 1.9.34 - Cross Site Scripting (XSS) vulnerability
Subscriber Cross Site Scripting XSS in WooCommerce Designer Pro = 1.9.34 versions...
EUVD-2026-40100
Subscriber Cross Site Scripting XSS in WooCommerce Designer Pro = 1.9.34 versions...
WordPress WooCommerce Designer Pro plugin <= 1.9.34 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin WooCommerce Designer Pro versions = 1.9.34...
PT-2026-53290
Name of the Vulnerable Software and Affected Versions WooCommerce Designer Pro versions prior to 1.9.35 Description Cross Site Scripting XSS allows an attacker with subscriber privileges to execute malicious scripts in the browser of other users. Recommendations Update WooCommerce Designer Pro to...
Exploit for CVE-2025-6440
🧨 CVE-2025-6440 – WooCommerce Designer Pro Unrestricted File Upl...
CVE-2025-10897
The WooCommerce Designer Pro theme for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.9.28. This makes it possible for unauthenticated attackers to read arbitrary files on the server, which can expose DB credentials when the wp-config.php file is read...
CVE-2025-10897
The WooCommerce Designer Pro theme for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.9.28. This makes it possible for unauthenticated attackers to read arbitrary files on the server, which can expose DB credentials when the wp-config.php file is read...
CVE-2025-10897 WooCommerce Designer Pro <= 1.9.28 - Unauthenticated Arbitrary File Read
The WooCommerce Designer Pro theme for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.9.28. This makes it possible for unauthenticated attackers to read arbitrary files on the server, which can expose DB credentials when the wp-config.php file is read...
EUVD-2025-37310
The WooCommerce Designer Pro theme for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.9.28. This makes it possible for unauthenticated attackers to read arbitrary files on the server, which can expose DB credentials when the wp-config.php file is read...
CVE-2025-10897 WooCommerce Designer Pro <= 1.9.28 - Unauthenticated Arbitrary File Read
The WooCommerce Designer Pro theme for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.9.28. This makes it possible for unauthenticated attackers to read arbitrary files on the server, which can expose DB credentials when the wp-config.php file is read...
CVE-2025-10897
The CVE-2025-10897 vulnerability affects the WooCommerce Designer Pro plugin for WordPress (versions up to and including 1.9.28). It allows unauthenticated arbitrary file reads, enabling an attacker to read server files such as wp-config.php and potentially exposed database credentials. Wordfence...
WordPress WooCommerce Designer Pro plugin <= 1.9.28 - Unauthenticated Arbitrary File Read vulnerability
Unauthenticated Arbitrary File Read vulnerability discovered by István Márton in WordPress Plugin WooCommerce Designer Pro versions = 1.9.28...
PT-2025-44586
Name of the Vulnerable Software and Affected Versions WooCommerce Designer Pro versions up to and including 1.9.28 Description The WooCommerce Designer Pro theme for WordPress is susceptible to an arbitrary file read issue. This allows unauthenticated attackers to read arbitrary files on the...
WordPress plugin WooCommerce Designer Pro 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A path...
Exploit for CVE-2025-6440
Description WooCommerce Designer Pro plugin for WordPress c...
CVE-2025-6440
The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design Services WordPress theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'wcdpsavecanvasdesignajax' function in all versions up to, and including, 1.9.26. This mak...
WordPress plugin WooCommerce Designer Pro 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...
CVE-2025-6440
The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design Services WordPress theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'wcdpsavecanvasdesignajax' function in all versions up to, and including, 1.9.26. This mak...