CVE-2024-34370

Improper Privilege Management vulnerability in WPFactory EAN for WooCommerce allows Privilege Escalation.This issue affects EAN for WooCommerce: from n/a through 4.8.9...

CVE-2025-62009

Cross-Site Request Forgery CSRF vulnerability in Dmitry V. CEO of "UKR Solution" UPC/EAN/GTIN Code Generator upc-ean-barcode-generator allows Cross Site Request Forgery.This issue affects UPC/EAN/GTIN Code Generator: from n/a through = 2.0.2...

CVE-2025-62009 WordPress UPC/EAN/GTIN Code Generator plugin <= 2.0.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Dmitry V. CEO of "UKR Solution" UPC/EAN/GTIN Code Generator upc-ean-barcode-generator allows Cross Site Request Forgery.This issue affects UPC/EAN/GTIN Code Generator: from n/a through = 2.0.2...

EUVD-2020-30206

Malware in sbrugna...

EUVD-2025-28169

Malicious code in bioql PyPI...

EUVD-2025-8504

Malicious code in bioql PyPI...

EUVD-2024-34742

Malicious code in bioql PyPI...

EUVD-2023-54783

Malicious code in bioql PyPI...

CVE-2025-53588

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Dmitry V. CEO of "UKR Solution" UPC/EAN/GTIN Code Generator upc-ean-barcode-generator allows Path Traversal.This issue affects UPC/EAN/GTIN Code Generator: from n/a through = 2.0.2...

CVE-2025-53588 WordPress UPC/EAN/GTIN Code Generator Plugin <= 2.0.2 - Arbitrary File Deletion Vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Dmitry V. CEO of "UKR Solution" UPC/EAN/GTIN Code Generator allows Path Traversal. This issue affects UPC/EAN/GTIN Code Generator: from n/a through 2.0.2...

CVE-2023-4947

The WooCommerce EAN Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the refreshordereandata AJAX action in versions up to 6.1.0. This makes it possible for authenticated attackers with contributor-level access and above,...

CVE-2023-6892

The EAN for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'algwceanproductmeta' shortcode in all versions up to, and including, 4.8.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-48249

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory EAN for WooCommerce ean-for-woocommerce allows Stored XSS.This issue affects EAN for WooCommerce: from n/a through = 5.4.6...

CVE-2025-48249

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory EAN for WooCommerce ean-for-woocommerce allows Stored XSS.This issue affects EAN for WooCommerce: from n/a through = 5.4.6...

CVE-2025-48249 WordPress EAN for WooCommerce plugin <= 5.4.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory EAN for WooCommerce ean-for-woocommerce allows Stored XSS.This issue affects EAN for WooCommerce: from n/a through = 5.4.6...

CVE-2025-48249 WordPress EAN for WooCommerce <= 5.4.6 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory EAN for WooCommerce allows Stored XSS. This issue affects EAN for WooCommerce: from n/a through 5.4.6...

CVE-2025-48249

CVE-2025-48249 : Stored XSS in WPFactory EAN for WooCommerce (WordPress plugin) affecting versions n/a through 5.4.6. Exploitation would stem from improper input neutralization during web page generation, enabling malicious scripts to be stored and potentially executed in a user context. Connecte...

PT-2025-21961 · Woocommerce · Ean For Woocommerce

Name of the Vulnerable Software and Affected Versions: EAN for WooCommerce versions n/a through 5.4.6 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inje...

WordPress plugin EAN for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site...

CVE-2025-22673

Missing Authorization vulnerability in WPFactory EAN for WooCommerce ean-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EAN for WooCommerce: from n/a through = 5.3.5...