EUVD-2024-40841

Malicious code in bioql PyPI...

PT-2024-30929 · Woocommerce · Eu/Uk Vat Manager For Woocommerce

Name of the Vulnerable Software and Affected Versions: EU/UK VAT Manager for WooCommerce versions prior to 2.12.14 Description: The issue is related to improper neutralization of script-related HTML tags in a web page, which allows Cross-Site Scripting XSS. This problem enables attackers to use...

WordPress EU/UK VAT Manager for WooCommerce plugin <= 2.12.12 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by Francesco Carlucci in WordPress Plugin EU/UK VAT Manager for WooCommerce versions = 2.12.12...

WordPress WooCommerce EU VAT Assistant Plugin <= 2.0.43.230518 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce EU VAT Assistant Type Plugin Vulnerable versions = 2.0.43.230518 Fixed in 2.1.2.230718 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b78924498cc5 Credits Rafi...

WordPress WooCommerce EU VAT Assistant plugin < 2.0.28.220224 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WooCommerce EU VAT Assistant plugin versions 2.0.28.220224. Solution Update the WordPress WooCommerce EU VAT Assistant plugin to the latest available version at least 2.0.28.220224...

WordPress WooCommerce EU VAT Assistant plugin < 2.0.28.220224 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WooCommerce EU VAT Assistant plugin versions 2.0.28.220224. Solution Update the WordPress WooCommerce EU VAT Assistant plugin to the latest available version at least 2.0.28.220224...

Update 17.9 for Microsoft Dynamics 365 Business Central 2020 Release Wave 2 (Application Build 17.9.28504, Platform Build 17.0.28458)

Update 17.9 for Microsoft Dynamics 365 Business Central 2020 Release Wave 2 Application Build 17.9.28504, Platform Build 17.0.28458 Overview This update replaces previously released updates. You should always install the latest update. This update also fixes an XSS vulnerability. For more...

Design/Logic Flaw

Easy EU Value Added VAT Taxes Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via addqueryarg and removequeryarg...

CVE-2015-9368

CVE-2015-9368 affects the Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange on WordPress, prior to version 1.2.0. The vulnerability is an XSS due to improper handling of add_query_arg() and remove_query_arg(), allowing injected scripts via URL parameters. Impact is XSS; exploitation det...