23 matches found
CVE-2026-5722
The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest waitlist verification flow not invalidating or regenerating verification tokens when the customer email address is changed. This makes it possible...
WordPress MoreConvert Pro plugin <= 1.9.14 - Authentication Bypass vulnerability
Authentication Bypass vulnerability discovered by Nguyen Ngoc Duc duc193 in WordPress Plugin MoreConvert Pro versions = 1.9.14...
EUVD-2026-27167
The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest waitlist verification flow not invalidating or regenerating verification tokens when the customer email address is changed. This makes it possible...
CVE-2026-5722
The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest waitlist verification flow not invalidating or regenerating verification tokens when the customer email address is changed. This makes it possible...
CVE-2026-5722 MoreConvert Pro <= 1.9.14 - Authentication Bypass via Waitlist Guest Verification Token Reuse
The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest waitlist verification flow not invalidating or regenerating verification tokens when the customer email address is changed. This makes it possible...
CVE-2026-5722
The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest waitlist verification flow not invalidating or regenerating verification tokens when the customer email address is changed. This makes it possible...
CVE-2026-5722 MoreConvert Pro <= 1.9.14 - Authentication Bypass via Waitlist Guest Verification Token Reuse
The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest waitlist verification flow not invalidating or regenerating verification tokens when the customer email address is changed. This makes it possible...
CVE-2026-5722
The CVE concerns the WordPress plugin MoreConvert Pro (versions up to and including 1.9.14). The vulnerability is an Authentication Bypass in the guest waitlist verification flow: tokens are not invalidated or regenerated when the customer email is changed, enabling unauthenticated attackers to a...
PT-2026-36944
Name of the Vulnerable Software and Affected Versions MoreConvert Pro versions prior to 1.9.15 Description The MoreConvert Pro plugin for WordPress contains an authentication bypass flaw. The issue exists because the guest waitlist verification flow fails to invalidate or regenerate verification...
CVE-2024-34819
Missing Authorization vulnerability in Moreconvert Team MC Woocommerce Wishlist smart-wishlist-for-more-convert.This issue affects MC Woocommerce Wishlist: from n/a through = 1.7.2...
EUVD-2024-35078
Malicious code in bioql PyPI...
EUVD-2024-35084
Malicious code in bioql PyPI...
PT-2025-24504 · Unknown · Moreconvert Mc Woocommerce Wishlist
Name of the Vulnerable Software and Affected Versions: moreconvert MC Woocommerce Wishlist versions 1.9.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potentia...
CVE-2025-30879
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Moreconvert Team MC Woocommerce Wishlist smart-wishlist-for-more-convert allows SQL Injection.This issue affects MC Woocommerce Wishlist: from n/a through = 1.8.9...
CVE-2024-34819
Missing Authorization vulnerability in MoreConvert MC Woocommerce Wishlist.This issue affects MC Woocommerce Wishlist: from n/a through 1.7.2...
CVE-2024-34819
Missing Authorization vulnerability in Moreconvert Team MC Woocommerce Wishlist smart-wishlist-for-more-convert.This issue affects MC Woocommerce Wishlist: from n/a through = 1.7.2...
CVE-2024-34819
CVE-2024-34819 refers to a Missing Authorization vulnerability in the WordPress plugin MoreConvert MC Woocommerce Wishlist (aka MC Woocommerce Wishlist). Public records consistently indicate the flaw affects versions up to and including 1.7.2 and is categorized with a base CVSS score of 5.3 (MEDI...
CVE-2024-34819 WordPress MC Woocommerce Wishlist plugin <= 1.7.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Moreconvert Team MC Woocommerce Wishlist smart-wishlist-for-more-convert.This issue affects MC Woocommerce Wishlist: from n/a through = 1.7.2...
CVE-2024-34813
Missing Authorization vulnerability in Moreconvert Team MC Woocommerce Wishlist smart-wishlist-for-more-convert.This issue affects MC Woocommerce Wishlist: from n/a through = 1.7.8...
CVE-2024-34813 WordPress WooCommerce Wishlist plugin <= 1.7.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Moreconvert Team MC Woocommerce Wishlist smart-wishlist-for-more-convert.This issue affects MC Woocommerce Wishlist: from n/a through = 1.7.8...