137 matches found
Abandoned Cart Lite for WooCommerce < 5.2.0 - Cross-Site Scripting
The Abandoned Cart Lite for WooCommerce and Abandoned Cart Pro for WooCommerce plugins for WordPress are vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 5.1.3 and 7.12.0 respectively, due to insufficient input sanitization and output escaping. i...
CVE-2026-57637
Unauthenticated Cross Site Request Forgery CSRF in Abandoned Cart Lite for WooCommerce = 6.8.0 versions...
CVE-2026-56010
Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce = 10.4.0 versions...
EUVD-2026-39753
Unauthenticated Cross Site Request Forgery CSRF in Abandoned Cart Lite for WooCommerce = 6.8.0 versions...
CVE-2026-57637 WordPress Abandoned Cart Lite for WooCommerce plugin <= 6.8.0 - Cross Site Request Forgery (CSRF) vulnerability
Unauthenticated Cross Site Request Forgery CSRF in Abandoned Cart Lite for WooCommerce = 6.8.0 versions...
CVE-2026-57637
CVE-2026-57637 applies to the WordPress Abandoned Cart Lite for WooCommerce plugin (versions
CVE-2026-56010 WordPress Abandoned Cart Pro for WooCommerce plugin <= 10.4.0 - Privilege Escalation vulnerability
Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce = 10.4.0 versions...
CVE-2026-56010
CVE-2026-56010 affects the WordPress plugin Abandoned Cart Pro for WooCommerce (versions
EUVD-2026-39686
Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce = 10.4.0 versions...
WordPress Abandoned Cart Lite for WooCommerce plugin <= 6.8.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Abandoned Cart Lite for WooCommerce versions = 6.8.0...
WordPress Abandoned Cart Pro for WooCommerce plugin <= 10.4.0 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by Austin Ginder in WordPress Plugin Abandoned Cart Pro for WooCommerce versions = 10.4.0...
WordPress Plugin Abandoned Cart Recovery for WooCommerce Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin Abandoned Cart Recovery for WooCommerce has a cross-site scripting vulnerabili...
CVE-2026-32526
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VillaTheme Abandoned Cart Recovery for WooCommerce woo-abandoned-cart-recovery allows Stored XSS.This issue affects Abandoned Cart Recovery for WooCommerce: from n/a through = 1.1.10...
EUVD-2026-15891
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VillaTheme Abandoned Cart Recovery for WooCommerce woo-abandoned-cart-recovery allows Stored XSS.This issue affects Abandoned Cart Recovery for WooCommerce: from n/a through = 1.1.10...
CVE-2026-32526
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VillaTheme Abandoned Cart Recovery for WooCommerce woo-abandoned-cart-recovery allows Stored XSS.This issue affects Abandoned Cart Recovery for WooCommerce: from n/a through = 1.1.10...
CVE-2026-32526 WordPress Abandoned Cart Recovery for WooCommerce plugin <= 1.1.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VillaTheme Abandoned Cart Recovery for WooCommerce woo-abandoned-cart-recovery allows Stored XSS.This issue affects Abandoned Cart Recovery for WooCommerce: from n/a through = 1.1.10...
CVE-2026-32526 WordPress Abandoned Cart Recovery for WooCommerce plugin <= 1.1.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VillaTheme Abandoned Cart Recovery for WooCommerce woo-abandoned-cart-recovery allows Stored XSS.This issue affects Abandoned Cart Recovery for WooCommerce: from n/a through = 1.1.10...
CVE-2026-32526
CVE-2026-32526 affects the WordPress plugin VillaTheme Abandoned Cart Recovery for WooCommerce (woo-abandoned-cart-recovery), version range: = 1.1.11) or apply vendor-provided fixes where available. Documentation in connected sources consistently identifies this as a Stored XSS affecting the plug...
CVE-2026-32526
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VillaTheme Abandoned Cart Recovery for WooCommerce woo-abandoned-cart-recovery allows Stored XSS.This issue affects Abandoned Cart Recovery for WooCommerce: from n/a through = 1.1.10...
PT-2026-28040
Name of the Vulnerable Software and Affected Versions VillaTheme Abandoned Cart Recovery for WooCommerce versions through 1.1.10 Description The software contains an Improper Neutralization of Input During Web Page Generation issue, specifically a Cross-site Scripting condition. This allows for...