PT-2024-11754 · Apiexperts · Apiexperts Square For Woocommerce

Name of the Vulnerable Software and Affected Versions: APIExperts Square for WooCommerce versions n/a through 4.4.1 Description: The issue affects the APIExperts Square for WooCommerce plugin, allowing exploitation of incorrectly configured access control security levels due to a missing...

APIExperts Square for WooCommerce < 4.3 - Reflected Cross-Site Scripting

Description The APIExperts Square for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 4.2.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

WordPress APIExperts Square for WooCommerce Plugin <= 4.2.9 is vulnerable to Cross Site Scripting (XSS)

Software APIExperts Square for WooCommerce Type Plugin Vulnerable versions = 4.2.9 Fixed in 4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-27959 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e8463f7f666a Credits stealthcopter...

WordPress APIExperts Square for WooCommerce Plugin <= 4.2.8 is vulnerable to Cross Site Scripting (XSS)

Software APIExperts Square for WooCommerce Type Plugin Vulnerable versions = 4.2.8 Fixed in 4.2.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 703ff9c637f4 Credits Rafie Muhammad...

WordPress APIExperts Square for WooCommerce plugin <= 4.2 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress APIExperts Square for WooCommerce plugin versions = 4.2. Solution Update the WordPress APIExperts Square for WooCommerce plugin to the latest available version at least 4.2.1...