Lucene search
+L

20 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-37479

Malicious code in bioql PyPI...

8.8CVSS9AI score0.00248EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-37482

Malicious code in bioql PyPI...

7.1CVSS7AI score0.00382EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/20 6:53 p.m.20 views

CVE-2023-33318 WordPress WooCommerce Follow-Up Emails Plugin <= 4.9.40 is vulnerable to Arbitrary File Upload

Unrestricted Upload of File with Dangerous Type vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.40...

9.9CVSS9.7AI score0.00814EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/12/20 3:44 p.m.9 views

CVE-2023-33330 WordPress WooCommerce Follow-Up Emails Plugin <= 4.9.50 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50...

8.5CVSS7.7AI score0.00644EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/20 3:44 p.m.25 views

CVE-2023-33330 WordPress WooCommerce Follow-Up Emails Plugin <= 4.9.50 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.50...

8.5CVSS9AI score0.00644EPSS
Exploits0References1
OSV
OSV
added 2023/05/28 7:15 p.m.3 views

CVE-2023-33316

Cross-Site Request Forgery CSRF vulnerability in WooCommerce WooCommerce Follow-Up Emails AutomateWoo plugin = 4.9.40 versions...

8.8CVSS7.3AI score0.00248EPSS
Exploits0References1
Prion
Prion
added 2023/05/28 7:15 p.m.21 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in WooCommerce WooCommerce Follow-Up Emails AutomateWoo plugin = 4.9.40 versions...

6.8CVSS8.7AI score0.00248EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/28 6:7 p.m.49 views

CVE-2023-33319

CVE-2023-33319: Unauth. Reflected Cross-Site Scripting in the WooCommerce Follow-Up Emails (AutomateWoo) plugin, affecting versions up to and including 4.9.40. The vulnerability is an unauthenticated XSS that can be triggered via user-controlled input reflected in the response. Patchstack lists a...

7.1CVSS6AI score0.00382EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/28 6:1 p.m.14 views

CVE-2023-33316 WordPress WooCommerce Follow-Up Emails (AutomateWoo) plugin <= 4.9.40 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in WooCommerce WooCommerce Follow-Up Emails AutomateWoo plugin = 4.9.40 versions...

5.4CVSS7.1AI score0.00248EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/28 6:1 p.m.24 views

CVE-2023-33316 WordPress WooCommerce Follow-Up Emails (AutomateWoo) plugin <= 4.9.40 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in WooCommerce WooCommerce Follow-Up Emails AutomateWoo plugin = 4.9.40 versions...

5.4CVSS9AI score0.00248EPSS
Exploits0References1
CVE
CVE
added 2023/05/28 6:1 p.m.46 views

CVE-2023-33316

CVE-2023-33316 is a CSRF vulnerability in the WooCommerce Follow-Up Emails (AutomateWoo) WordPress plugin, affecting versions

8.8CVSS7AI score0.00248EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/05/28 12:0 a.m.4 views

WordPress plugin WooCommerce Follow-Up Emails 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

8.8CVSS8.1AI score0.00248EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/05/28 12:0 a.m.6 views

PT-2023-24290 · WordPress · Woocommerce Follow-Up Emails

Name of the Vulnerable Software and Affected Versions: WooCommerce Follow-Up Emails AutomateWoo plugin versions prior to 4.9.41 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker could potentially inject malicious scripts...

7.1CVSS6.1AI score0.00382EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/05/24 12:0 a.m.8 views

WordPress WooCommerce Follow-Up Emails Plugin <= 4.9.50 is vulnerable to SQL Injection

Software WooCommerce Follow-Up Emails Type Plugin Vulnerable versions = 4.9.50 Fixed in 4.9.51 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-33330 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 7a94f72827ab Credits Rafie Muhammad Patchstack Required...

8.5CVSS6.8AI score0.00644EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.18 views

WooCommerce Follow-Up Emails < 4.9.50 - Unauthenticated Reflected XSS

The plugin does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admin...

7.1CVSS6.1AI score0.00382EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/05/22 12:0 a.m.13 views

WordPress WooCommerce Follow-Up Emails Plugin <= 4.9.40 is vulnerable to Arbitrary File Upload

Software WooCommerce Follow-Up Emails Type Plugin Vulnerable versions = 4.9.40 Fixed in 4.9.50 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-33318 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID c6e0ffcab096 Credits Rafie Muhammad...

9.9CVSS6.8AI score0.00814EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/05/22 12:0 a.m.14 views

WordPress WooCommerce Follow-Up Emails Plugin <= 4.9.40 is vulnerable to Cross Site Request Forgery (CSRF)

Software WooCommerce Follow-Up Emails Type Plugin Vulnerable versions = 4.9.40 Fixed in 4.9.50 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-33316 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 0e0bdd6cea04 Credits Rafi...

8.8CVSS6.6AI score0.00248EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/05/22 12:0 a.m.17 views

WooCommerce Follow-Up Emails < 4.9.50 - Cross-Site Request Forgery (CSRF)

The plugin does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to perform actions on their behalf by tricking a logged in user to submit a crafted request...

8.8CVSS6.8AI score0.00248EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/05/22 12:0 a.m.14 views

WordPress WooCommerce Follow-Up Emails Plugin <= 4.9.40 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Follow-Up Emails Type Plugin Vulnerable versions = 4.9.40 Fixed in 4.9.50 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-33319 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID da1adfccae00 Credits...

7.1CVSS5.6AI score0.00382EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/08/22 3:2 p.m.63 views

CVE-2022-2389

The CVE-2022-2389 entry concerns the WordPress plugin Autonami (Automations By Autonami) for WooCommerce. Prior to version 2.1.2, one AJAX action lacked proper authorization and CSRF checks, allowing any authenticated user (e.g., subscribers) to create automations. This is corroborated across mul...

4.3CVSS4.5AI score0.00308EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder