Lucene search
K

9 matches found

CVE
CVE
added 2025/03/29 7:3 a.m.99 views

CVE-2025-2266

The CVE-2025-2266 entry concerns the WordPress plugin Checkout Mestres do WP for WooCommerce. Affected versions: 8.6.5–8.7.5. Root cause: a missing capability check in cwmpUpdateOptions() that allows unauthenticated modification of options. Impact: attackers can update arbitrary WordPress options...

9.8CVSS7.7AI score0.00678EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/03/29 12:0 a.m.7 views

WordPress plugin Checkout Mestres do WP for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

9.8CVSS8.4AI score0.00678EPSS
Exploits1References2
NVD
NVD
added 2024/10/02 10:15 a.m.16 views

CVE-2024-44030

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Mestres do WP Checkout Mestres WP checkout-mestres-wp allows Absolute Path Traversal.This issue affects Checkout Mestres WP: from n/a through = 8.6...

7.2CVSS0.00649EPSS
Exploits0References1
CVE
CVE
added 2024/10/02 9:19 a.m.47 views

CVE-2024-44030

CVE-2024-44030: Local File Inclusion (path traversal) in Checkout Mestres WP (Mestres do WP Checkout) plugins allows PHP local file inclusion. Affected: Checkout Mestres WP versions n/a through 8.6. Root cause: Improper limitation of a pathname to a restricted directory. Impact: Confidentiality, ...

7.2CVSS5.9AI score0.00649EPSS
Exploits0References1
NVD
NVD
added 2024/04/24 5:15 p.m.13 views

CVE-2023-51471

Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Checkout Mestres WP: from n/a through 7.1.9.7...

8.2CVSS8.3AI score0.00563EPSS
Exploits0References1
NVD
NVD
added 2024/04/24 5:15 p.m.9 views

CVE-2023-51472

Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Privilege Escalation.This issue affects Checkout Mestres WP: from n/a through 7.1.9.7...

9.8CVSS9.7AI score0.00657EPSS
Exploits0References1
NVD
NVD
added 2023/12/31 6:15 p.m.25 views

CVE-2023-51469

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mestres do WP Checkout Mestres WP.This issue affects Checkout Mestres WP: from n/a through 7.1.9.6...

9.8CVSS0.0057EPSS
Exploits0References1
Prion
Prion
added 2023/12/31 6:15 p.m.15 views

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mestres do WP Checkout Mestres WP.This issue affects Checkout Mestres WP: from n/a through 7.1.9.6...

7.5CVSS7.9AI score0.0057EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/31 5:46 p.m.65 views

CVE-2023-51469

CVE-2023-51469 is an unauthenticated SQL injection in Checkout Mestres WP (WordPress plugin). The vulnerability arises from Improper Neutralization of Special Elements used in an SQL Command in the Checkout Mestres WP plugin, affecting versions up to 7.1.9.6. Public sources describe a high-severi...

9.8CVSS8.9AI score0.0057EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder