Lucene search
K

7 matches found

Patchstack
Patchstack
added 2 days ago3 views

WordPress CURCY – Multi Currency for WooCommerce – Smoothly on WooCommerce 9.x plugin <= 2.2.14 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by sterva - Teletronics in WordPress Plugin CURCY versions = 2.2.14...

5.4CVSS6AI score0.00255EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/05/16 3:45 p.m.19 views

CVE-2025-47563 WordPress CURCY plugin <= 2.3.7 - Arbitrary Shortcode Execution vulnerability

Missing Authorization vulnerability in villatheme CURCY woocommerce-multi-currency allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects CURCY: from n/a through = 2.3.7...

5.3CVSS0.00282EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/16 3:45 p.m.10 views

CVE-2025-47563 WordPress CURCY plugin <= 2.3.7 - Arbitrary Shortcode Execution vulnerability

Missing Authorization vulnerability in villatheme CURCY allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects CURCY: from n/a through 2.3.7...

5.3CVSS6.9AI score0.00282EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/16 12:46 p.m.7 views

WordPress CURCY plugin <= 2.3.7 - Arbitrary Shortcode Execution vulnerability

Arbitrary Shortcode Execution vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin CURCY versions = 2.3.7...

5.3CVSS8.4AI score0.00282EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/03/06 10:18 p.m.4 views

WordPress CURCY - WooCommerce Multi Currency - Currency Switcher plugin <= 2.3.6 - Unauthenticated SQL Injection vulnerability

WordPress CURCY - WooCommerce Multi Currency - Currency Switcher plugin = 2.3.6 - Unauthenticated SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin CURCY versions = 2.3.6...

7.5CVSS8.1AI score0.00373EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/12/13 2:22 p.m.23 views

CVE-2022-46796 WordPress CURCY plugin <= 2.1.25 - Unauthenticated plugin settings change vulnerability

Missing Authorization vulnerability in VillaTheme CURCY allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CURCY: from n/a through 2.1.25...

6.5CVSS0.00637EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/10/15 12:0 a.m.16 views

WordPress CURCY Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS)

Software CURCY Type Plugin Vulnerable versions = 2.2.3 Fixed in 2.2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49283 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a6bd022fc477 Credits Dimas Maulana Required privilege...

7.1CVSS7AI score0.00292EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder