CVE-2025-12075

The Order Splitter for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wostroubleshooting' AJAX endpoint in all versions up to, and including, 5.3.5. This makes it possible for authenticated attackers, with Subscriber-level...

CVE-2025-12075

The Order Splitter for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wostroubleshooting' AJAX endpoint in all versions up to, and including, 5.3.5. This makes it possible for authenticated attackers, with Subscriber-level...

CVE-2025-12075 Order Splitter for WooCommerce <= 5.3.5 - Missing Authorization to Authenticated (Subscriber+) Order Information Exposure

The Order Splitter for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wostroubleshooting' AJAX endpoint in all versions up to, and including, 5.3.5. This makes it possible for authenticated attackers, with Subscriber-level...

CVE-2025-12075

CVE-2025-12075 affects the WordPress plugin Order Splitter for WooCommerce. The vulnerability is due to a missing capability check on the wos_troubleshooting AJAX endpoint, allowing authenticated users with Subscriber-level access and above to view other users’ order information. Affected version...

WordPress plugin Order Splitter for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

PT-2026-20220

Name of the Vulnerable Software and Affected Versions Order Splitter for WooCommerce plugin for WordPress versions up to and including 5.3.5 Description The Order Splitter for WooCommerce plugin for WordPress has a flaw that allows unauthorized access to data. This is due to a missing capability...

WordPress Order Splitter for WooCommerce plugin <= 5.3.5 - Missing Authorization to Authenticated (Subscriber+) Order Information Exposure vulnerability

Missing Authorization to Authenticated Subscriber+ Order Information Exposure vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Order Splitter for WooCommerce versions = 5.3.5...

EUVD-2025-9466

Malicious code in bioql PyPI...

CVE-2025-31089

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Fahad Mahmood Order Splitter for WooCommerce woo-order-splitter allows SQL Injection.This issue affects Order Splitter for WooCommerce: from n/a through = 5.3.0...

CVE-2025-31089

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Fahad Mahmood Order Splitter for WooCommerce woo-order-splitter allows SQL Injection.This issue affects Order Splitter for WooCommerce: from n/a through = 5.3.0...

CVE-2025-31089 WordPress Order Splitter for WooCommerce plugin <= 5.3.0 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Fahad Mahmood Order Splitter for WooCommerce woo-order-splitter allows SQL Injection.This issue affects Order Splitter for WooCommerce: from n/a through = 5.3.0...

CVE-2025-31089

CVE-2025-31089 involves Order Splitter for WooCommerce. The vulnerability is an SQL Injection in the plugin, reported as affecting Order Splitter for WooCommerce versions up to and including 5.3.0. Root cause: improper neutralization of input elements used in SQL commands. Exploitation requires a...

CVE-2025-31089 WordPress Order Splitter for WooCommerce plugin <= 5.3.0 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Fahad Mahmood Order Splitter for WooCommerce woo-order-splitter allows SQL Injection.This issue affects Order Splitter for WooCommerce: from n/a through = 5.3.0...

WordPress Order Splitter for WooCommerce plugin <= 5.3.0 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by LVT-tholv2k in WordPress Plugin Order Splitter for WooCommerce versions = 5.3.0...

WordPress plugin Order Splitter for WooCommerce SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

PT-2025-14407 · Woocommerce · Order Splitter For Woocommerce

Name of the Vulnerable Software and Affected Versions: Order Splitter for WooCommerce versions n/a through 5.3.0 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...