Lucene search
K

29 matches found

RedhatCVE
RedhatCVE
added 2026/05/26 2:12 p.m.14 views

CVE-2026-45444

Unrestricted Upload of File with Dangerous Type vulnerability in WP Swings Gift Cards For WooCommerce Pro allows Using Malicious Files. This issue affects Gift Cards For WooCommerce Pro: from n/a through 4.2.6...

10CVSS5.8AI score0.00282EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/20 6:0 p.m.16 views

EUVD-2026-31149

Unrestricted Upload of File with Dangerous Type vulnerability in WP Swings Gift Cards For WooCommerce Pro allows Using Malicious Files. This issue affects Gift Cards For WooCommerce Pro: from n/a through 4.2.6...

10CVSS5.8AI score0.00282EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 9:16 a.m.5 views

CVE-2026-24375

Missing Authorization vulnerability in WP Swings Ultimate Gift Cards For WooCommerce woo-gift-cards-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Gift Cards For WooCommerce: from n/a through = 3.2.4...

5.3CVSS0.00214EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/19 8:26 a.m.3 views

CVE-2026-24375

Missing Authorization vulnerability in WP Swings Ultimate Gift Cards For WooCommerce woo-gift-cards-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Gift Cards For WooCommerce: from n/a through = 3.2.4...

5.5AI score0.00214EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.7 views

PT-2026-20670

Missing Authorization vulnerability in WP Swings Ultimate Gift Cards For WooCommerce woo-gift-cards-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Gift Cards For WooCommerce: from n/a through = 3.2.4...

5.5AI score0.00214EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-23293

Malware in sbrugna...

8.8CVSS8.6AI score0.01997EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-47569

Malicious code in bioql PyPI...

6.5CVSS9.1AI score0.00473EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 5:15 p.m.5 views

CVE-2025-47569

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPSwings WooCommerce Ultimate Gift Card woocommerce-ultimate-gift-card allows Blind SQL Injection.This issue affects WooCommerce Ultimate Gift Card: from n/a through = 2.9.6...

9.3CVSS0.00579EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:14 a.m.8 views

CVE-2022-44633

Missing Authorization vulnerability in YITH YITH WooCommerce Gift Cards Premium.This issue affects YITH WooCommerce Gift Cards Premium: from n/a through 3.23.1...

6.5CVSS8.6AI score0.00473EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:29 p.m.10 views

CVE-2021-3120

An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows remote attackers to achieve remote code execution on the operating system in the security context of the web server. In order to exploit this vulnerability, an attacker must ...

10CVSS8AI score0.36781EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:38 p.m.10 views

CVE-2020-35627

Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vulnerability in the Custom GiftCard Template that can remotely execute arbitrary code. Once it contains the function "Custom Gift Card Template", the function of uploading a custom image is used, changing the name of the image...

8.8CVSS7.7AI score0.01997EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2025/02/20 9:21 a.m.13 views

CVE-2024-13520 Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) <= 4.4.9 - Missing Authorization to Unauthenticated Price, Date, and Note Updates

The Gift Cards Gift Vouchers and Packages WooCommerce Supported plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'updatevoucherprice', 'updatevoucherdate', 'updatevouchernote' functions in all versions up to, and...

5.3CVSS7.2AI score0.00289EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 10:24 p.m.8 views

CVE-2022-45359

Unauth. Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards premium plugin = 3.19.0 on WordPress...

9.8CVSS6.7AI score0.13514EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/01/08 11:9 a.m.261 views

CVE-2024-11423 Ultimate Gift Cards for WooCommerce <= 3.0.6 - Missing Authorization to Infinite Money Glitch

The Ultimate Gift Cards for WooCommerce – Create WooCommerce Gift Cards, Gift Vouchers, Redeem & Manage Digital Gift Coupons. Offer Gift Certificates, Schedule Gift Cards, and Use Advance Coupons With Personalized Templates plugin for WordPress is vulnerable to unauthorized modification of data d...

7.5CVSS0.00753EPSS
Exploits0References3
NVD
NVD
added 2024/05/14 4:15 p.m.16 views

CVE-2024-0870

The YITH WooCommerce Gift Cards plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'savemailstatus' and 'saveemailsettings' functions in all versions up to, and including, 4.12.0. This makes it possible for unauthenticated attackers to...

5.3CVSS5.5AI score0.00504EPSS
Exploits0References2
CVE
CVE
added 2024/05/14 2:38 a.m.47 views

CVE-2024-0870

CVE-2024-0870 (YITH WooCommerce Gift Cards for WordPress) is an unauthenticated data-modification vulnerability caused by a missing capability check on save_mail_status and save_email_settings. Affected versions are all up to and including 4.12.0. The issue enables unauthenticated attackers to mo...

5.3CVSS6AI score0.00504EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/05/14 12:0 a.m.16 views

WordPress YITH WooCommerce Gift Cards Plugin <= 4.12.0 is vulnerable to Broken Access Control

Software YITH WooCommerce Gift Cards Type Plugin Vulnerable versions = 4.12.0 Fixed in 4.13.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-0870 Patch priority Low CVSS severity Low 5.3 Developer YITH PSID 8dd8ed435d7e Credits Francesco Carlucci Required...

5.3CVSS6.6AI score0.00504EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/21 5:44 p.m.19 views

CVE-2022-44633 WordPress YITH WooCommerce Gift Cards Premium plugin <= 3.23.1 - Unauth. Gift Card Creation Leading to Stored XSS vulnerability

Missing Authorization vulnerability in YITH YITH WooCommerce Gift Cards Premium.This issue affects YITH WooCommerce Gift Cards Premium: from n/a through 3.23.1...

6.5CVSS7.2AI score0.00473EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.6 views

PT-2024-11685 · Yith · Yith Woocommerce Gift Cards Premium

Name of the Vulnerable Software and Affected Versions: YITH WooCommerce Gift Cards Premium versions 3.23.1 and earlier Description: The issue is related to a Missing Authorization vulnerability. This vulnerability affects YITH WooCommerce Gift Cards Premium, allowing unauthorized access...

6.5CVSS9.2AI score0.00473EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/08/30 12:0 a.m.17 views

WordPress YITH WooCommerce Gift Cards Premium Plugin < 3.20.0 Arbitrary File Upload Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:yithemes:yithwoocommercegiftcards"; ifdescription...

9.8CVSS6.9AI score0.13514EPSS
Exploits2References1
Rows per page
Query Builder