8 matches found
CVE-2026-7547
The Woosa – Marktplaats for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Read via Path Traversal in versions up to and including 2.0.4. This is due to insufficient path sanitization in the renderlogsui function, which accepts a base64-encoded file name from the 'logfile' GET...
EUVD-2026-37981
The Woosa – Marktplaats for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Read via Path Traversal in versions up to and including 2.0.4. This is due to insufficient path sanitization in the renderlogsui function, which accepts a base64-encoded file name from the 'logfile' GET...
PT-2026-50844
Name of the Vulnerable Software and Affected Versions Woosa – Marktplaats for WooCommerce versions prior to 2.0.5 Description Insufficient path sanitization in the render logs ui function allows authenticated attackers with Administrator-level access to read arbitrary files on the server, such as...
WordPress Woosa – Marktplaats for WooCommerce plugin <= 2.0.5 - Authenticated (Administrator+) Arbitrary File Read vulnerability
Authenticated Administrator+ Arbitrary File Read vulnerability discovered by Legion Hunter in WordPress Plugin Woosa – Marktplaats for WooCommerce versions = 2.0.5...
Dutch police sell fake tickets to show how easily scams work
If you can’t beat them, copy them. That seems to be the thinking behind an unusual campaign by the Dutch police, who set up a fake ticket website selling tickets that don’t exist. The website, TicketBewust.nl, invites people to order tickets for events like football matches and concerns. But the...
Marktplaats - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Marktplaats published at the 'play' market has multiple vulnerabilities...
Marktplaats: Multiple Apache 2.2.22 Vulnerabilities (XSS/ Code Exec/ DoS)
Hello, Your current version of apache 2.2.22 for http://aanbieding.marktplaats.com is vulnerable to many issues like DoS, XSS and Code Exec 1. DoS Refer: http://www.cvedetails.com/cve/CVE-2014-0231/ http://www.cvedetails.com/cve/CVE-2014-0098/ http://www.cvedetails.com/cve/CVE-2013-6438/...
Marktplaats: Content Spoofing - http://aanbieding.marktplaats.nl/wp-admin/admin-ajax.php
Hello, Content spoofing, also referred to as content injection or virtual defacement, is an attack targeting a user made possible by injection vulnerability in a web application. When an application does not properly handle user supplied data, an attacker can supply content to a web application,...