Lucene search
K

141 matches found

Patchstack
Patchstack
added 2026/02/02 8:39 a.m.7 views

WordPress Smart Online Order for Clover plugin <= 1.5.6 - Missing Authorization to Authenticated (Subscriber+) Plugin Data Update vulnerability

Missing Authorization to Authenticated Subscriber+ Plugin Data Update vulnerability discovered by Lucio Sá in WordPress Plugin Smart Online Order for Clover versions = 1.5.6...

4.3CVSS5.3AI score0.00353EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/27 8:22 a.m.4 views

CVE-2026-24796 A Out-of-bounds Read vulnerability in CloverHackyColor/CloverBootloader

Out-of-bounds Read vulnerability in CloverHackyColor CloverBootloader MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules. This vulnerability is associated with program files regparse.C. This issue affects CloverBootloader: before 5162...

6.9CVSS5.9AI score0.00126EPSS
Exploits0References1
CVE
CVE
added 2026/01/27 8:22 a.m.13 views

CVE-2026-24796

CVE-2026-24796 is described as an Out-of-bounds Read vulnerability affecting CloverBootloader (CloverHackyColor) before 5162. The issue involves modules in MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma and is associated with regparse.C. The accessible documents do not provide explicit exp...

6.9CVSS5.9AI score0.00126EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-50190

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00333EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-29134

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.00221EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-49418

Malicious code in bioql PyPI...

6.1CVSS6.5AI score0.00363EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-16419

Malicious code in bioql PyPI...

5.3CVSS8.9AI score0.00641EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 10:0 a.m.12 views

CVE-2024-29115

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zaytech Smart Online Order for Clover allows Stored XSS.This issue affects Smart Online Order for Clover: from n/a through 1.5.5...

6.5CVSS8.6AI score0.00337EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:20 a.m.3 views

CVE-2024-7032

The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'moodeactivateAndClean' function in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to deactivate the plugin an...

6.5CVSS5.3AI score0.00482EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:25 a.m.11 views

CVE-2024-0626

The WooCommerce Clover Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the callbackhandler function in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to mark orders as paid...

5.3CVSS6.7AI score0.00641EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:20 a.m.4 views

CVE-2024-43254

Missing Authorization vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders.This issue affects Smart Online Order for Clover: from n/a through = 1.5.6...

8.8CVSS5.9AI score0.00417EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:52 a.m.5 views

CVE-2023-46312

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Zaytech Smart Online Order for Clover plugin = 1.5.4 versions...

7.1CVSS5.9AI score0.00331EPSS
Exploits0
OSV
OSV
added 2024/11/01 3:15 p.m.6 views

CVE-2024-43254

Missing Authorization vulnerability in Zaytech Smart Online Order for Clover allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Online Order for Clover: from n/a through 1.5.6...

8.8CVSS5.8AI score0.00417EPSS
Exploits0References1
OSV
OSV
added 2024/11/01 3:15 p.m.3 views

CVE-2024-43253

Missing Authorization vulnerability in Zaytech Smart Online Order for Clover allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Smart Online Order for Clover: from n/a through 1.5.6...

9.8CVSS5.8AI score0.00604EPSS
Exploits0References1
NVD
NVD
added 2024/11/01 3:15 p.m.31 views

CVE-2024-43253

Missing Authorization vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders.This issue affects Smart Online Order for Clover: from n/a through = 1.5.6...

9.8CVSS0.00604EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/01 2:17 p.m.38 views

CVE-2024-43253 WordPress Smart Online Order for Clover plugin <= 1.5.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders.This issue affects Smart Online Order for Clover: from n/a through = 1.5.6...

5.3CVSS0.00604EPSS
Exploits0References1
CVE
CVE
added 2024/11/01 2:17 p.m.46 views

CVE-2024-43253

CVE-2024-43253 describes a Missing Authorization vulnerability in the WordPress plugin “Smart Online Order” for Clover (Zaytech). The issue allows accessing functionality not properly constrained by ACLs. Affected range: Clover Online Orders from n/a through 1.5.6. Public references indicate a hi...

9.8CVSS5.9AI score0.00604EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/01 2:17 p.m.11 views

CVE-2024-43253 WordPress Smart Online Order for Clover plugin <= 1.5.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders.This issue affects Smart Online Order for Clover: from n/a through = 1.5.6...

5.3CVSS5.1AI score0.00604EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/01 2:17 p.m.32 views

CVE-2024-43254 WordPress Smart Online Order for Clover plugin <= 1.5.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders.This issue affects Smart Online Order for Clover: from n/a through = 1.5.6...

4.3CVSS0.00417EPSS
Exploits0References1
CVE
CVE
added 2024/11/01 2:17 p.m.52 views

CVE-2024-43254

CVE-2024-43254 affects the WordPress plugin Clover Online Orders (Smart Online Order for Clover). The connected docs identify a Missing Authorization issue due to misconfigured access control in Smart Online Order for Clover up to version 1.5.6. The Wordfence/CVE entries note the vulnerability as...

8.8CVSS5.9AI score0.00417EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder