9 matches found
CVE-2026-56050
CVE-2026-56050 affects the WordPress PPOM for WooCommerce plugin (Themeisle) up to version 33.0.18. The issue is described as an Improper Access Control vulnerability, arising from incorrectly configured access control security levels within the PPOM for WooCommerce feature set. The available doc...
CVE-2025-66069 WordPress PPOM for WooCommerce plugin <= 33.0.16 - Broken Access Control vulnerability
Missing Authorization vulnerability in Themeisle PPOM for WooCommerce woocommerce-product-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PPOM for WooCommerce: from n/a through = 33.0.16...
CVE-2025-66069
CVE-2025-66069 (WordPress PPOM for WooCommerce) is a Missing Authorization / Broken Access Control vulnerability affecting PPOM for WooCommerce versions up to 33.0.16. The issue, reported by Legion Hunter, arises from incorrectly configured access controls in the woocommerce-product-addon feature...
WordPress plugin PPOM for WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
EUVD-2025-3863
Malicious code in bioql PyPI...
CVE-2025-24668 WordPress PPOM for WooCommerce plugin <= 33.0.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeisle PPOM for WooCommerce woocommerce-product-addon allows Stored XSS.This issue affects PPOM for WooCommerce: from n/a through = 33.0.8...
PT-2025-5489 · Woocommerce · Ppom For Woocommerce
Name of the Vulnerable Software and Affected Versions: PPOM for WooCommerce versions n/a through 33.0.8 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can...
WordPress PPOM for WooCommerce Plugin < 32.0.7 is vulnerable to Cross Site Scripting (XSS)
Software PPOM for WooCommerce Type Plugin Vulnerable versions 32.0.7 Fixed in 32.0.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2256 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID f58b7e5c3a3c Credits Alex Sanford...
WordPress 安全漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blogging sites on servers with PHP and MySQL. cross-site scripting vulnerability exists in versions of WordPress PPOM for WooCommerce plugin...