36 matches found
dropship (=0.0.5), openadapt (>=0.15.1 <=0.46.0) +3 more potentially affected by CVE-2026-42448 via magic-wormhole (>=0.11.2 <=0.13.0)
magic-wormhole PYPI version =0.11.2, =0.15.1, =0.1.0, =0.1.0, =0.2.0, =0.7.0 Source cves: CVE-2026-42448 Source advisory: SNYK:PYTHON-MAGICWORMHOLE-16438994...
CVE-2023-30870
Missing Authorization vulnerability in wooproductimporter Sharkdropship for AliExpress Dropship and Affiliate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sharkdropship for AliExpress Dropship and Affiliate: from n/a through 2.2.3...
PT-2025-7355 · WordPress · Ltl Freight Quotes – Purolator Edition
Name of the Vulnerable Software and Affected Versions: LTL Freight Quotes – Purolator Edition plugin for WordPress versions up to, and including, 2.2.3 Description: The issue is related to SQL Injection via the dropship edit id and edit id parameters due to insufficient escaping on the user...
CVE-2024-13476
The LTL Freight Quotes – GlobalTranz Edition plugin for WordPress is vulnerable to SQL Injection via the 'engtzwdsavedropship' AJAX endpoint in all versions up to, and including, 2.3.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...
PT-2025-7514 · WordPress · Ltl Freight Quotes – Globaltranz Edition
Name of the Vulnerable Software and Affected Versions: LTL Freight Quotes – GlobalTranz Edition plugin for WordPress versions up to, and including, 2.3.12 Description: The issue concerns a missing capability check on the "engtz wd save dropship" AJAX endpoint, allowing unauthenticated attackers t...
CVE-2024-13534
The Small Package Quotes – Worldwide Express Edition plugin for WordPress is vulnerable to SQL Injection via the 'editid' and 'dropshipeditid' parameters in all versions up to, and including, 5.2.18 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on...
CVE-2024-13491
The Small Package Quotes – For Customers of FedEx plugin for WordPress is vulnerable to SQL Injection via the 'editid' and 'dropshipeditid' parameters in all versions up to, and including, 4.3.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2024-13485
The LTL Freight Quotes – ABF Freight Edition plugin for WordPress is vulnerable to SQL Injection via the 'editid' and 'dropshipeditid' parameters in all versions up to, and including, 3.3.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2024-13481
The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is vulnerable to SQL Injection via the 'editid' and 'dropshipeditid' parameters in all versions up to, and including, 3.3.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2024-13479
The LTL Freight Quotes – SEFL Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropshipeditid' and 'editid' parameters in all versions up to, and including, 3.2.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
CVE-2024-13478
The LTL Freight Quotes – TForce Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropshipeditid' and 'editid' parameters in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...
WordPress plugin LTL Freight Quotes SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress plugin LTL Freight Quotes SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress plugin LTL Freight Quotes SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress plugin LTL Freight Quotes SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress plugin LTL Freight Quotes SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress plugin LTL Freight Quotes SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
PT-2025-7366 · WordPress · Small Package Quotes – Worldwide Express Edition
Name of the Vulnerable Software and Affected Versions: Small Package Quotes – Worldwide Express Edition plugin for WordPress versions prior to 5.2.19 Description: The issue concerns SQL injection via the edit id and dropship edit id parameters due to insufficient escaping on the user-supplied...
WordPress plugin Small Package Quotes SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
CVE-2024-13488
The LTL Freight Quotes – Estes Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropshipeditid' and 'editid' parameters in all versions up to, and including, 3.3.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQ...