CVE-2026-9241

The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to and including 1.4.6. This is due to the getvalue function in classes/fixed/fixeduserrole.php trusting the attacker-controlled...

WordPress plugin FOX – Currency Switcher Professional for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

CVE-2025-47588

Improper Control of Generation of Code 'Code Injection' vulnerability in acowebs Dynamic Pricing With Discount Rules for WooCommerce aco-woo-dynamic-pricing allows Code Injection.This issue affects Dynamic Pricing With Discount Rules for WooCommerce: from n/a through = 4.5.9...

EUVD-2025-4392

Malicious code in bioql PyPI...

WordPress Calculate Prices based on Distance For WooCommerce plugin <= 1.3.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by ch4r0n in WordPress Plugin Calculate Prices based on Distance For WooCommerce versions = 1.3.5...

CVE-2025-32552

CVE-2025-32552 – Reflected Cross-Site Scripting in MSRP (RRP) Pricing for WooCommerce. Affected: MSRP (RRP) Pricing for WooCommerce

CVE-2025-22632

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in totalsoft WooCommerce Pricing – Product Pricing woo-pricing-table allows Stored XSS.This issue affects WooCommerce Pricing – Product Pricing: from n/a through = 1.0.9...

CVE-2025-22632

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in totalsoft WooCommerce Pricing – Product Pricing woo-pricing-table allows Stored XSS.This issue affects WooCommerce Pricing – Product Pricing: from n/a through = 1.0.9...

CVE-2025-22632

CVE-2025-22632 affects the WordPress plugin “WooCommerce Pricing – Product Pricing” (≤1.0.9) and is a Stored XSS vulnerability caused by improper input neutralization during page generation. The CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L) yields a base score of 7.1 (High) and indicates ...

CVE-2025-22632 WordPress WooCommerce Pricing – Product Pricing plugin <= 1.0.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in totalsoft WooCommerce Pricing – Product Pricing woo-pricing-table allows Stored XSS.This issue affects WooCommerce Pricing – Product Pricing: from n/a through = 1.0.9...

WordPress plugin WooCommerce Pricing – Product Pricing 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

WordPress WooCommerce Pricing – Product Pricing plugin <= 1.0.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin WooCommerce Pricing – Product Pricing versions = 1.0.9...