EUVD-2023-46178

Malicious code in bioql PyPI...

EUVD-2023-46177

Malicious code in bioql PyPI...

CVE-2023-41685

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ilGhera Woocommerce Support System allows SQL Injection.This issue affects Woocommerce Support System: from n/a through 1.2.1...

CVE-2023-41686 WordPress Woocommerce Support System plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ilGhera Woocommerce Support System allows Cross Site Request Forgery.This issue affects Woocommerce Support System: from n/a through 1.2.2...

PT-2024-12955 · Unknown · Woocommerce Support System

Name of the Vulnerable Software and Affected Versions: WooCommerce Support System versions 1.2.0 through 1.2.2 Description: A Cross-Site Request Forgery CSRF issue affects the WooCommerce Support System, allowing unauthorized actions. Users are advised to update to the latest version to mitigate...

WordPress plugin Woocommerce Support System 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

Woocommerce Support System <= 1.2.1 - Missing Authorization

Description The Woocommerce Support System plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to missing capability checks on several functions hook via 'init', 'admininit', and AJAX actions in versions up to, and including, 1.2.1. This makes it possible...

Woocommerce Support System <= 1.2.1 - Authenticated (Administrator+) SQL Injection via 'orderby'

Description The Woocommerce Support System plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in versions up to, and including, 1.2.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes i...

CVE-2023-41685

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ilGhera Woocommerce Support System allows SQL Injection.This issue affects Woocommerce Support System: from n/a through 1.2.1...

CVE-2023-41685

CVE-2023-41685 affects the WordPress plugin ilGhera Woocommerce Support System. The vulnerability is an SQL Injection due to improper neutralization of input in the plugin, with affected versions listed as

CVE-2023-41685 WordPress Woocommerce Support System plugin <= 1.2.1 - SQL Injection vulnerability

A vulnerability in ilGhera Woocommerce Support System wc-support-system.This issue affects Woocommerce Support System: from n/a through = 1.2.1...

WordPress Plugin Woocommerce Support System SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the...

WordPress Woocommerce Support System Plugin <= 1.2.2 is vulnerable to Broken Access Control

Software Woocommerce Support System Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-41686 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID e64e405c119f Credits Mika Require...

WordPress Woocommerce Support System Plugin <= 1.2.1 is vulnerable to SQL Injection

Software Woocommerce Support System Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-41685 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID c2b73ca8019a Credits Mika Required privilege Administrator...