29 matches found
CVE-2026-45444
Unrestricted Upload of File with Dangerous Type vulnerability in WP Swings Gift Cards For WooCommerce Pro allows Using Malicious Files. This issue affects Gift Cards For WooCommerce Pro: from n/a through 4.2.6...
EUVD-2026-31149
Unrestricted Upload of File with Dangerous Type vulnerability in WP Swings Gift Cards For WooCommerce Pro allows Using Malicious Files. This issue affects Gift Cards For WooCommerce Pro: from n/a through 4.2.6...
CVE-2026-24375
Missing Authorization vulnerability in WP Swings Ultimate Gift Cards For WooCommerce woo-gift-cards-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Gift Cards For WooCommerce: from n/a through = 3.2.4...
CVE-2026-24375
Missing Authorization vulnerability in WP Swings Ultimate Gift Cards For WooCommerce woo-gift-cards-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Gift Cards For WooCommerce: from n/a through = 3.2.4...
PT-2026-20670
Missing Authorization vulnerability in WP Swings Ultimate Gift Cards For WooCommerce woo-gift-cards-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Gift Cards For WooCommerce: from n/a through = 3.2.4...
EUVD-2020-23293
Malware in sbrugna...
EUVD-2022-47569
Malicious code in bioql PyPI...
CVE-2025-47569
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPSwings WooCommerce Ultimate Gift Card woocommerce-ultimate-gift-card allows Blind SQL Injection.This issue affects WooCommerce Ultimate Gift Card: from n/a through = 2.9.6...
CVE-2022-44633
Missing Authorization vulnerability in YITH YITH WooCommerce Gift Cards Premium.This issue affects YITH WooCommerce Gift Cards Premium: from n/a through 3.23.1...
CVE-2021-3120
An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows remote attackers to achieve remote code execution on the operating system in the security context of the web server. In order to exploit this vulnerability, an attacker must ...
CVE-2020-35627
Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vulnerability in the Custom GiftCard Template that can remotely execute arbitrary code. Once it contains the function "Custom Gift Card Template", the function of uploading a custom image is used, changing the name of the image...
CVE-2024-13520 Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) <= 4.4.9 - Missing Authorization to Unauthenticated Price, Date, and Note Updates
The Gift Cards Gift Vouchers and Packages WooCommerce Supported plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'updatevoucherprice', 'updatevoucherdate', 'updatevouchernote' functions in all versions up to, and...
CVE-2022-45359
Unauth. Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards premium plugin = 3.19.0 on WordPress...
CVE-2024-11423 Ultimate Gift Cards for WooCommerce <= 3.0.6 - Missing Authorization to Infinite Money Glitch
The Ultimate Gift Cards for WooCommerce – Create WooCommerce Gift Cards, Gift Vouchers, Redeem & Manage Digital Gift Coupons. Offer Gift Certificates, Schedule Gift Cards, and Use Advance Coupons With Personalized Templates plugin for WordPress is vulnerable to unauthorized modification of data d...
CVE-2024-0870
The YITH WooCommerce Gift Cards plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'savemailstatus' and 'saveemailsettings' functions in all versions up to, and including, 4.12.0. This makes it possible for unauthenticated attackers to...
CVE-2024-0870
CVE-2024-0870 (YITH WooCommerce Gift Cards for WordPress) is an unauthenticated data-modification vulnerability caused by a missing capability check on save_mail_status and save_email_settings. Affected versions are all up to and including 4.12.0. The issue enables unauthenticated attackers to mo...
WordPress YITH WooCommerce Gift Cards Plugin <= 4.12.0 is vulnerable to Broken Access Control
Software YITH WooCommerce Gift Cards Type Plugin Vulnerable versions = 4.12.0 Fixed in 4.13.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-0870 Patch priority Low CVSS severity Low 5.3 Developer YITH PSID 8dd8ed435d7e Credits Francesco Carlucci Required...
CVE-2022-44633 WordPress YITH WooCommerce Gift Cards Premium plugin <= 3.23.1 - Unauth. Gift Card Creation Leading to Stored XSS vulnerability
Missing Authorization vulnerability in YITH YITH WooCommerce Gift Cards Premium.This issue affects YITH WooCommerce Gift Cards Premium: from n/a through 3.23.1...
PT-2024-11685 · Yith · Yith Woocommerce Gift Cards Premium
Name of the Vulnerable Software and Affected Versions: YITH WooCommerce Gift Cards Premium versions 3.23.1 and earlier Description: The issue is related to a Missing Authorization vulnerability. This vulnerability affects YITH WooCommerce Gift Cards Premium, allowing unauthorized access...
WordPress YITH WooCommerce Gift Cards Premium Plugin < 3.20.0 Arbitrary File Upload Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:yithemes:yithwoocommercegiftcards"; ifdescription...