Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.12 views

CVE-2026-9241

The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to and including 1.4.6. This is due to the getvalue function in classes/fixed/fixeduserrole.php trusting the attacker-controlled...

4.3CVSS5.4AI score0.00213EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:27 a.m.11 views

CVE-2026-9241

The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to and including 1.4.6. This is due to the getvalue function in classes/fixed/fixeduserrole.php trusting the attacker-controlled...

4.3CVSS5.7AI score0.00213EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.13 views

PT-2026-44181

The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to and including 1.4.6. This is due to the get value function in classes/fixed/fixed user role.php trusting the attacker-controlled $...

4.3CVSS5.7AI score0.00213EPSS
Exploits0References6
NVD
NVD
added 2026/05/15 7:16 a.m.25 views

CVE-2026-4094

The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the 'adminhead' function in all versions up to, and including, 1.4.5. This makes it possible for authenticated attackers, with Contributor-lev...

8.1CVSS0.00273EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/15 6:45 a.m.52 views

CVE-2026-4094 FOX – Currency Switcher Professional for WooCommerce <= 1.4.5 - Missing Authorization to Authenticated (Contributor+) Configuration Deletion

The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the 'adminhead' function in all versions up to, and including, 1.4.5. This makes it possible for authenticated attackers, with Contributor-lev...

8.1CVSS0.00273EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.11 views

WordPress plugin FOX Currency Switcher Professional for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to a...

8.1CVSS5.7AI score0.00273EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/14 12:0 a.m.15 views

WordPress FOX – Currency Switcher Professional for WooCommerce plugin <= 1.4.5 - Missing Authorization to Authenticated (Contributor+) Configuration Deletion vulnerability

Missing Authorization to Authenticated Contributor+ Configuration Deletion vulnerability discovered by Ren Voza in WordPress Plugin FOX versions = 1.4.5...

8.1CVSS5.8AI score0.00273EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-33219

Malicious code in bioql PyPI...

7.3CVSS8.7AI score0.00441EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:22 a.m.8 views

CVE-2024-3734

The FOX – Currency Switcher Professional for WooCommerce plugin is vulnerable to Unauthenticated Arbitrary Shortcode Execution in versions up to, and including, 1.4.1.8. This allows unauthenticated attackers to execute arbitrary shortcodes. The severity and exploitability depends on what other...

6.5CVSS6.1AI score0.01032EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 5:10 a.m.8 views

CVE-2024-10640

The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.2. This is due to the software allowing users to execute an action that does not properly validate a value before running...

7.3CVSS7.6AI score0.00441EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 10:32 p.m.10 views

CVE-2024-8271

The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.1. This is due to the software allowing users to execute an action that does not properly validate a value before running...

7.3CVSS7.6AI score0.00737EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/09 12:0 a.m.6 views

PT-2024-16426 · WordPress · Fox – Currency Switcher Professional

Name of the Vulnerable Software and Affected Versions: The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress versions up to, and including, 1.4.2.2 Description: The issue is due to the software allowing users to execute an action that does not properly validate a value...

7.3CVSS7.9AI score0.00441EPSS
Exploits0References9
Patchstack
Patchstack
added 2024/09/16 7:12 a.m.6 views

WordPress FOX – Currency Switcher Professional for WooCommerce plugin <= 1.4.2.1 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin FOX versions = 1.4.2.1...

7.3CVSS7.1AI score0.00737EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/09/14 3:15 a.m.6 views

CVE-2024-8271

The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.1. This is due to the software allowing users to execute an action that does not properly validate a value before running...

7.3CVSS6.1AI score0.00737EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/09/14 2:4 a.m.35 views

CVE-2024-8271 FOX – Currency Switcher Professional for WooCommerce <= 1.4.2.1 - Unauthenticated Arbitrary Shortcode Execution

The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.1. This is due to the software allowing users to execute an action that does not properly validate a value before running...

7.3CVSS0.00737EPSS
Exploits0References3
NVD
NVD
added 2024/05/02 5:15 p.m.40 views

CVE-2024-3734

The FOX – Currency Switcher Professional for WooCommerce plugin is vulnerable to Unauthenticated Arbitrary Shortcode Execution in versions up to, and including, 1.4.1.8. This allows unauthenticated attackers to execute arbitrary shortcodes. The severity and exploitability depends on what other...

6.5CVSS6.9AI score0.01032EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/05/02 4:52 p.m.12 views

CVE-2024-3734 FOX – Currency Switcher Professional for WooCommerce <= 1.4.1.8 - Unauthenticated Arbitrary Shortcode Execution

The FOX – Currency Switcher Professional for WooCommerce plugin is vulnerable to Unauthenticated Arbitrary Shortcode Execution in versions up to, and including, 1.4.1.8. This allows unauthenticated attackers to execute arbitrary shortcodes. The severity and exploitability depends on what other...

6.5CVSS6.1AI score0.01032EPSS
Exploits0References3
OSV
OSV
added 2023/12/17 11:15 a.m.7 views

CVE-2023-49834

Cross-Site Request Forgery CSRF vulnerability in realmag777 FOX – Currency Switcher Professional for WooCommerce.This issue affects FOX – Currency Switcher Professional for WooCommerce: from n/a through 1.4.1.4...

8.8CVSS5.8AI score0.00254EPSS
Exploits0References1
Rows per page
Query Builder