CVE-2025-69378

Incorrect Privilege Assignment vulnerability in XforWooCommerce Product Filter for WooCommerce prdctfltr allows Privilege Escalation.This issue affects Product Filter for WooCommerce: from n/a through = 9.1.2...

CVE-2025-69378

Incorrect Privilege Assignment vulnerability in XforWooCommerce Product Filter for WooCommerce prdctfltr allows Privilege Escalation.This issue affects Product Filter for WooCommerce: from n/a through = 9.1.2...

CVE-2025-68994

Missing Authorization vulnerability in XforWooCommerce Product Loops for WooCommerce product-loops allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Loops for WooCommerce: from n/a through = 2.1.2...

EUVD-2025-205742

Missing Authorization vulnerability in XforWooCommerce Product Loops for WooCommerce product-loops allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Loops for WooCommerce: from n/a through = 2.1.2...

EUVD-2025-205743

Missing Authorization vulnerability in XforWooCommerce Share, Print and PDF Products for WooCommerce share-print-pdf-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Share, Print and PDF Products for WooCommerce: from n/a through = 3.1.2...

CVE-2025-68993

Missing Authorization vulnerability in XforWooCommerce Share, Print and PDF Products for WooCommerce share-print-pdf-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Share, Print and PDF Products for WooCommerce: from n/a through = 3.1.2...

PT-2025-53883

Name of the Vulnerable Software and Affected Versions XforWooCommerce Product Loops for WooCommerce versions through 2.1.2 Description An authorization issue exists in XforWooCommerce Product Loops for WooCommerce. The issue involves incorrectly configured access control security levels,...

EUVD-2024-31344

Malicious code in bioql PyPI...

EUVD-2021-34164

Malicious code in bioql PyPI...

CVE-2021-4337

Sixteen XforWooCommerce Add-On Plugins for WordPress are vulnerable to authorization bypass due to a missing capability check on the wpajaxsvxajaxfactory function in various versions listed below. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to...

CVE-2024-33628

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in XforWooCommerce allows PHP Local File Inclusion.This issue affects XforWooCommerce: from n/a through 2.0.2...

CVE-2024-33628

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in XforWooCommerce allows PHP Local File Inclusion.This issue affects XforWooCommerce: from n/a through 2.0.2...

CVE-2024-33628 WordPress XforWooCommerce plugin <= 2.0.2 - Authenticated Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in XforWooCommerce allows PHP Local File Inclusion.This issue affects XforWooCommerce: from n/a through 2.0.2...

CVE-2024-33628 WordPress XforWooCommerce plugin <= 2.0.2 - Authenticated Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in XforWooCommerce allows PHP Local File Inclusion.This issue affects XforWooCommerce: from n/a through 2.0.2...

WordPress XforWooCommerce plugin <= 2.0.2 - Authenticated Local File Inclusion vulnerability

Authenticated Local File Inclusion vulnerability discovered by Dave Jong Patchstack in WordPress Plugin XforWooCommerce versions = 2.0.2...

WordPress XforWooCommerce Plugin <= 2.0.2 is vulnerable to Local File Inclusion

Software XforWooCommerce Type Plugin Vulnerable versions = 2.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-33628 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID c41c6a05c14e Credits Dave Jong Patchstack Required privilege...

CVE-2021-4337

Sixteen XforWooCommerce Add-On Plugins for WordPress are vulnerable to authorization bypass due to a missing capability check on the wpajaxsvxajaxfactory function in various versions listed below. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to...

CVE-2021-4337 Multiple XforWooCommerce Add-On Plugins (Various Versions) - Missing Authorization

Sixteen XforWooCommerce Add-On Plugins for WordPress are vulnerable to authorization bypass due to a missing capability check on the wpajaxsvxajaxfactory function in various versions listed below. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to...

WordPress Plugin Sixteen XforWooCommerce Add-On Plugins 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

WordPress XforWooCommerce plugin <=1.6.4 - Multiple vulnerabilities

Multiple vulnerabilities Authenticated Arbitrary WordPress Options Change, Read and Deletion / Authenticated User Enumeration / Authenticated Plugin Settings Change, Import and Export were discovered by Jerome Bruandet NinTechNet in the WordPress XforWooCommerce plugin versions =1.6.4. Solution...