56 matches found
EUVD-2023-44167
Malicious code in bioql PyPI...
EUVD-2023-37023
Malicious code in bioql PyPI...
EUVD-2023-37014
Malicious code in bioql PyPI...
CVE-2023-32802
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Pre-Orders plugin = 1.9.0 versions...
CVE-2023-3507
The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed CSRF check when canceling pre-orders, which could allow attackers to make logged in admins cancel arbitrary pre-orders via a CSRF attack...
CVE-2023-32793
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Pre-Orders plugin = 2.0.0 versions...
CVE-2023-3508
The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed CSRF check when processing its tab actions, which could allow attackers to make logged in admins email pre-orders customer, change the released date, mark all pre-orders of a specific product as complete or cancel via CSRF atta...
Pre-Orders for WooCommerce < 1.2.14 - Contributor+ Stored XSS
Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-46783
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Bright Plugins Pre-Orders for WooCommerce plugin = 1.2.13 versions...
CVE-2023-46783
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Bright Plugins Pre-Orders for WooCommerce plugin = 1.2.13 versions...
Cross site scripting
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Bright Plugins Pre-Orders for WooCommerce plugin = 1.2.13 versions...
CVE-2023-46783
CVE-2023-46783 concerns the WordPress plugin Bright Plugins Pre-Orders for WooCommerce (versions
WordPress Plugin Pre-Orders for WooCommerce Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
CVE-2023-32793
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Pre-Orders plugin = 2.0.0 versions...
CVE-2023-32802
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Pre-Orders plugin = 1.9.0 versions...
CVE-2023-32802
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Pre-Orders plugin = 1.9.0 versions...
CVE-2023-32793
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Pre-Orders plugin = 2.0.0 versions...
Cross site scripting
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Pre-Orders plugin = 2.0.0 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Pre-Orders plugin = 1.9.0 versions...
CVE-2023-32793 WordPress WooCommerce Pre-Orders Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WooCommerce WooCommerce Pre-Orders plugin = 2.0.0 versions...