WordPress CO2ok: carbon offsetting for e-commerce Plugin <= 1.0.9.9 is vulnerable to Cross Site Scripting (XSS)

Software CO2ok: carbon offsetting for e-commerce Type Plugin Vulnerable versions = 1.0.9.9 Fixed in 2.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 82e1635aebea Credits Rafie...

WordPress CO2ok: carbon offsetting for e-commerce plugin <= 1.0.9.21 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress CO2ok: carbon offsetting for e-commerce plugin versions = 1.0.9.21. Solution Update the WordPress CO2ok: carbon offsetting for e-commerce plugin to the latest available version at least 1.0.9.22...

WordPress CO2ok: carbon offsetting for e-commerce plugin <= 1.0.9.21 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress CO2ok: carbon offsetting for e-commerce plugin versions = 1.0.9.21. Solution Update the WordPress CO2ok: carbon offsetting for e-commerce plugin to the latest available version at least 1.0.9.22...