163 matches found
NotificationX Dropshipping < 4.4 - SQL Injection
The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection id: CVE-2022-3481 info: name: NotificationX Dropshipping 4.4 - SQL Injection author: ritikchaddha severity: critical...
CVE-2026-57352
Unauthenticated Broken Authentication in ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce = 2.2.0 versions...
CVE-2026-57352
CVE-2026-57352 concerns the WordPress plugin ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce (
CVE-2026-57352
Unauthenticated Broken Authentication in ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce = 2.2.0 versions...
CVE-2026-57352 WordPress ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce plugin <= 2.2.0 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce = 2.2.0 versions...
CVE-2026-54846
Unauthenticated Broken Access Control in Syncee Premium Dropshipping & Wholesale = 1.0.27 versions...
CVE-2026-54846 WordPress Syncee Premium Dropshipping & Wholesale plugin <= 1.0.27 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Syncee Premium Dropshipping & Wholesale = 1.0.27 versions...
EUVD-2026-39683
Unauthenticated Broken Access Control in Syncee Premium Dropshipping & Wholesale = 1.0.27 versions...
CVE-2026-54846
CVE-2026-54846: Unauthenticated Broken Access Control in WordPress plugin Syncee Premium Dropshipping & Wholesale (versions
WordPress Syncee Premium Dropshipping & Wholesale plugin <= 1.0.27 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by dodoh4t in WordPress Plugin Syncee Premium Dropshipping & Wholesale versions = 1.0.27...
EUVD-2026-37614
Unauthenticated Broken Authentication in WooCommerce Dropshipping = 5.2.4 versions...
CVE-2026-49071
Unauthenticated Broken Authentication in WooCommerce Dropshipping = 5.2.4 versions...
CVE-2024-37210
CVE-2024-37210 concerns WordPress AliExpress Dropshipping with AliNext Lite plugin
CVE-2026-49071
The entry affects the WordPress WooCommerce Dropshipping plugin (versions
CVE-2026-49071 WordPress WooCommerce Dropshipping plugin <= 5.2.4 - Broken Authentication vulnerability
Unauthenticated Broken Authentication in WooCommerce Dropshipping = 5.2.4 versions...
WordPress WooCommerce Dropshipping plugin <= 5.2.4 - Broken Authentication vulnerability
Broken Authentication vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin WooCommerce Dropshipping versions = 5.2.4...
CVE-2023-25960
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Zendrop Zendrop – Global Dropshipping zendrop-dropshipping-and-fulfillment allows SQL Injection.This issue affects Zendrop – Global Dropshipping: from n/a through 1.0.0...
CVE-2023-25970
Unrestricted Upload of File with Dangerous Type vulnerability in Zendrop Zendrop – Global Dropshipping.This issue affects Zendrop – Global Dropshipping: from n/a through 1.0.0...
CVE-2024-2381
The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajaxsaveimage function in all versions up to, and including, 3.3.5. This makes it possible for authenticated attackers, with subscriber-level acces...
WordPress EPROLO Dropshipping plugin <= 2.3.1 - Missing Authorization to Authenticated (Subscriber+) Tracking Data Modification vulnerability
Missing Authorization to Authenticated Subscriber+ Tracking Data Modification vulnerability discovered by Legion Hunter in WordPress Plugin EPROLO Dropshipping versions = 2.3.1...