Lucene search
+L

24 matches found

EUVD
EUVD
added 2026/06/15 9:30 p.m.9 views

EUVD-2026-36934

Shop manager Privilege Escalation in WooCommerce Cart Abandonment Recovery 2.1.0 versions...

7.2CVSS5.2AI score0.00382EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.9 views

CVE-2026-39470

Shop manager Privilege Escalation in WooCommerce Cart Abandonment Recovery 2.1.0 versions...

7.2CVSS0.00382EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:17 p.m.14 views

CVE-2026-39470

CVE-2026-39470 affects the WordPress plugin WooCommerce Cart Abandonment Recovery, specifically versions earlier than 2.1.0. The issue is a Privilege Escalation that allows a shop manager to gain higher privileges. The reported impact is Confidentiality, Integrity, and Availability at high severi...

7.2CVSS5.2AI score0.00382EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:17 p.m.28 views

CVE-2026-39470 WordPress WooCommerce Cart Abandonment Recovery plugin < 2.1.0 - Privilege Escalation vulnerability

Shop manager Privilege Escalation in WooCommerce Cart Abandonment Recovery 2.1.0 versions...

7.2CVSS0.00382EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.19 views

PT-2026-49376

Shop manager Privilege Escalation in WooCommerce Cart Abandonment Recovery 2.1.0 versions...

7.2CVSS5.2AI score0.00382EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/04/08 11:25 a.m.6 views

WordPress WooCommerce Cart Abandonment Recovery plugin < 2.1.0 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin WooCommerce Cart Abandonment Recovery versions 2.1.0...

5.8AI score0.00382EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-55590

Malicious code in bioql PyPI...

7.6CVSS7.6AI score0.00534EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/18 12:0 a.m.12 views

PT-2025-25777 · Funnelkit · Recover Woocommerce Cart Abandonment

Name of the Vulnerable Software and Affected Versions: Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit versions up to, and including, 3.5.3 Description: The issue is related to a missing capability check on the install or activate addon plugins...

9.8CVSS6.5AI score0.02904EPSS
Exploits0References15
CNNVD
CNNVD
added 2025/06/18 12:0 a.m.8 views

WordPress plugin Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

9.8CVSS5.9AI score0.02904EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/23 5:8 a.m.11 views

CVE-2023-50857

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit.This issue affects Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing,...

7.6CVSS7.8AI score0.00534EPSS
Exploits0References1
NVD
NVD
added 2024/11/14 6:15 a.m.27 views

CVE-2024-9186

The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit WordPress plugin before 3.3.0 does not sanitize and escape the bwfan-track-id parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...

8.6CVSS0.02241EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/11/14 12:0 a.m.9 views

PT-2024-39476 · Funnelkit · Recover Woocommerce Cart Abandonment

Name of the Vulnerable Software and Affected Versions: Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit WordPress plugin versions prior to 3.3.0 Description: The issue allows unauthenticated users to perform SQL injection attacks due to the lack...

8.6CVSS7.2AI score0.02241EPSS
Exploits1References10
Patchstack
Patchstack
added 2024/04/03 7:21 a.m.8 views

WordPress WooCommerce Cart Abandonment Recovery plugin < 1.2.27 - Templates/Abandoned Orders Deletion via CSRF vulnerability

Templates/Abandoned Orders Deletion via CSRF vulnerability discovered by Erwan LR WPScan in WordPress Plugin WooCommerce Cart Abandonment Recovery versions 1.2.27...

6.8CVSS7AI score0.00353EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2024/04/03 12:0 a.m.14 views

WordPress WooCommerce Cart Abandonment Recovery Plugin < 1.2.27 is vulnerable to Cross Site Request Forgery (CSRF)

Software WooCommerce Cart Abandonment Recovery Type Plugin Vulnerable versions 1.2.27 Fixed in 1.2.27 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-2322 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 266dfc803e4a Credit...

6.6AI score0.00353EPSS
Exploits2References3Affected Software1
CNNVD
CNNVD
added 2024/04/03 12:0 a.m.21 views

WordPress plugin WooCommerce Cart Abandonment Recovery 漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.8CVSS8.2AI score0.00353EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2024/03/13 12:0 a.m.18 views

WooCommerce Cart Abandonment Recovery < 1.2.27 - Templates/Abandoned Orders Deletion via CSRF

Description The plugin does not have CSRF check in its bulk actions, which could allow attackers to make logged in admins delete arbitrary email templates as well as delete and unsubscribe users from abandoned orders via CSRF attacks. PoC Make a logged in admin open one of the URLs below - To mak...

6.7AI score0.00353EPSS
Exploits2Affected Software1
NVD
NVD
added 2023/12/28 11:15 a.m.24 views

CVE-2023-50857

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit.This issue affects Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing,...

7.6CVSS0.00534EPSS
Exploits0References1
OSV
OSV
added 2023/12/28 11:15 a.m.6 views

CVE-2023-50857

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit.This issue affects Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing,...

7.2CVSS7.3AI score0.00534EPSS
Exploits0References1
Prion
Prion
added 2023/12/28 11:15 a.m.19 views

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit.This issue affects Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing,...

5.8CVSS7.9AI score0.00534EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/12/28 10:57 a.m.51 views

CVE-2023-50857

Mode C: CVE-2023-50857 is an SQL Injection in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation by FunnelKit. Affected: Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation by FunnelKit up to version 2.6.1 (inclusi...

7.6CVSS7.8AI score0.00534EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder