4 matches found
CVE-2025-1284
creationtimestamp| type| source ---|---|--- 2025-04-24 09:12:24+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13207 2025-04-24 13:03:56+00:00| seen| https://t.me/cvedetector/23668 2025-04-24 14:19:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnkvntudhh24...
CVE-2025-1284
CVE-2025-1284 affects the WordPress plugin “Woocommerce Automatic Order Printing” (formerly WooCommerce Google Cloud Print), vulnerable up to version 4.1 due to missing validation on a user-controlled key in the xc_woo_printer_preview AJAX action. The issue is an Insecure Direct Object Reference ...
CVE-2025-1284 Woocommerce Automatic Order Printing | ( Formerly WooCommerce Google Cloud Print) <= 4.1 - Insecure Direct Object Reference to Authenticated (Subscriber+) Order Information Disclosure
The Woocommerce Automatic Order Printing | Formerly WooCommerce Google Cloud Print plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.1 via the xcwooprinterpreview AJAX action due to missing validation on a user controlled key. This make...
WordPress Woocommerce Automatic Order Printing plugin <= 4.1 - Insecure Direct Object Reference to Authenticated (Subscriber+) Order Information Disclosure vulnerability
Insecure Direct Object Reference to Authenticated Subscriber+ Order Information Disclosure vulnerability discovered by Lucio Sá in WordPress Plugin Woocommerce Automatic Order Printing versions = 4.1...