EUVD-2024-40058

Malicious code in bioql PyPI...

EUVD-2024-40059

Malicious code in bioql PyPI...

CVE-2024-43131

Incorrect Authorization vulnerability in WPWeb Docket WooCommerce Collections / Wishlist / Watchlist allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Docket WooCommerce Collections / Wishlist / Watchlist: from n/a before 1.7.0...

CVE-2024-43132

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPWeb Elite Docket WooCommerce Collections / Wishlist / Watchlist allows SQL Injection.This issue affects Docket WooCommerce Collections / Wishlist / Watchlist: from n/a before 1.7.0...

CVE-2024-43132

CVE-2024-43132: Unauthenticated SQL Injection in WPWeb Elite Docket (WooCommerce Collections / Wishlist / Watchlist) prior to v1.7.0 due to improper neutralization of inputs. Exploitation details are not provided in the initial doc, but Wordfence notes the issue was patched in version 1.7.0. Affe...

CVE-2024-43131

Incorrect Authorization vulnerability in WPWeb Docket WooCommerce Collections / Wishlist / Watchlist allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Docket WooCommerce Collections / Wishlist / Watchlist: from n/a before 1.7.0...

PT-2024-30320

Name of the Vulnerable Software and Affected Versions Docket WooCommerce Collections / Wishlist / Watchlist versions prior to 1.7.0 Description The issue is related to an Incorrect Authorization vulnerability, which allows accessing functionality not properly constrained by Access Control Lists...

WordPress Docket (WooCommerce Collections / Wishlist / Watchlist) plugin <= 1.6.6 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Docket WooCommerce Collections / Wishlist / Watchlist versions 1.7.0...

WordPress Docket (WooCommerce Collections / Wishlist / Watchlist) plugin <= 1.6.6 - Unauthenticated Arbitrary Post/Page Deletion vulnerability

Unauthenticated Arbitrary Post/Page Deletion vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Docket WooCommerce Collections / Wishlist / Watchlist versions 1.7.0...

WordPress Docket (WooCommerce Collections / Wishlist / Watchlist) Plugin < 1.7.0 is vulnerable to Arbitrary Content Deletion

Software Docket WooCommerce Collections / Wishlist / Watchlist Type Plugin Vulnerable versions 1.7.0 Fixed in 1.7.0 OWASP Top 10 A1: Broken Access Control Classification Arbitrary Content Deletion CVE CVE-2024-43131 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID...

WordPress Docket (WooCommerce Collections / Wishlist / Watchlist) Plugin < 1.7.0 is vulnerable to SQL Injection

Software Docket WooCommerce Collections / Wishlist / Watchlist Type Plugin Vulnerable versions 1.7.0 Fixed in 1.7.0 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-43132 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 952a5b0e08da Credits Dave Jong...