EUVD-2024-33257

Malicious code in bioql PyPI...

EUVD-2024-37535

Malicious code in bioql PyPI...

CVE-2024-10711

The WooCommerce Report plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.1. This is due to missing or incorrect nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to update arbitrary...

CVE-2024-10711

The WooCommerce Report plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.1. This is due to missing or incorrect nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to update arbitrary...

CVE-2024-10711 WooCommerce Report <= 1.5.1 - Cross-Site Request Forgery to Arbitrary Options Update

The WooCommerce Report plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.1. This is due to missing or incorrect nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to update arbitrary...

WordPress plugin WooCommerce Report 跨站请求伪造漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. Cross-site request forgery...

WordPress WooCommerce Report plugin <= 1.5.1 - Cross-Site Request Forgery to Arbitrary Options Update vulnerability

Cross-Site Request Forgery to Arbitrary Options Update vulnerability discovered by vgo0 in WordPress Plugin WooCommerce Report versions = 1.5.1...

WordPress WooCommerce Report Plugin <= 1.5.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software WooCommerce Report Type Plugin Vulnerable versions = 1.5.1 Fixed in 1.5.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-10711 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 82fefa4847b3 Credits vgo0 Required...

CVE-2024-38683

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in iThemelandCo WooCommerce Report allows Reflected XSS.This issue affects WooCommerce Report: from n/a through 1.4.5...

WordPress WooCommerce Report plugin <= 1.4.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin WooCommerce Report versions = 1.4.5...

WordPress WooCommerce Report Plugin <= 1.4.5 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Report Type Plugin Vulnerable versions = 1.4.5 Fixed in 1.5.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38683 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d2a44e699bc6 Credits Le Ngoc Anh Required privileg...