27 matches found
CVE-2026-57773
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Zorem Advanced Shipment Tracking for WooCommerce woo-advanced-shipment-tracking allows Blind SQL Injection.This issue affects Advanced Shipment Tracking for WooCommerce: from n/a through = 4.0...
CVE-2026-57773
The CVE-2026-57773 entry covers a SQL Injection vulnerability in the WordPress plugin “WooCommerce Advanced Shipment Tracking” (woo-advanced-shipment-tracking) up to version 4.0. The issue is described as an Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) that l...
CVE-2026-57773 WordPress Advanced Shipment Tracking for WooCommerce plugin <= 4.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Zorem Advanced Shipment Tracking for WooCommerce woo-advanced-shipment-tracking allows Blind SQL Injection.This issue affects Advanced Shipment Tracking for WooCommerce: from n/a through = 4.0...
WordPress Advanced Shipment Tracking for WooCommerce plugin <= 4.0 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Advanced Shipment Tracking for WooCommerce versions = 4.0...
EUVD-2021-34174
Malicious code in bioql PyPI...
Malicious code in shipmenttrackingserv-paypal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a3a2c25dd8f797d3e201b38a02fde72e265a03a3528d4af7d6bdce2f4b4142e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2786 Malicious code in shipmenttrackingserv-paypal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a3a2c25dd8f797d3e201b38a02fde72e265a03a3528d4af7d6bdce2f4b4142e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2021-4347
The function updateshipmentstatusemailstatusfun in the plugin Advanced Shipment Tracking for WooCommerce in versions up to 3.2.6 is vulnerable to authenticated arbitrary options update. The function allows attackers including those at customer level to update any WordPress option in the database...
Design/Logic Flaw
The function updateshipmentstatusemailstatusfun in the plugin Advanced Shipment Tracking for WooCommerce in versions up to 3.2.6 is vulnerable to authenticated arbitrary options update. The function allows attackers including those at customer level to update any WordPress option in the database...
CVE-2021-4347 Advanced Shipment Tracking for WooCommerce <= 3.2.6 - Authenticated WordPress Options Change
The function updateshipmentstatusemailstatusfun in the plugin Advanced Shipment Tracking for WooCommerce in versions up to 3.2.6 is vulnerable to authenticated arbitrary options update. The function allows attackers including those at customer level to update any WordPress option in the database...
CVE-2021-4347
Summary: The WordPress plugin Advanced Shipment Tracking for WooCommerce (versions up to 3.2.6) is vulnerable due to the function update_shipment_status_email_status_fun , which allows authenticated attackers (including at customer level) to update any WordPress option in the database. The issue ...
WordPress Plugin Advanced Shipment Tracking for WooCommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in th...
PT-2023-12456 · Woocommerce · Advanced Shipment Tracking For Woocommerce
Name of the Vulnerable Software and Affected Versions: Advanced Shipment Tracking for WooCommerce versions up to 3.2.6 Description: The issue concerns the function update shipment status email status fun in the Advanced Shipment Tracking for WooCommerce plugin, which is vulnerable to authenticate...
CVE-2022-41635
Cross-Site Request Forgery CSRF vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin = 3.5.2 versions...
CVE-2022-41635
Cross-Site Request Forgery CSRF vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin = 3.5.2 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin = 3.5.2 versions...
CVE-2022-41635
CVE-2022-41635 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WordPress plugin “Zorem Advanced Shipment Tracking for WooCommerce” up to version 3.5.2. The issue enables CSRF in actions related to shipment tracking settings (per Patchstack entry), with a release fix noted in ve...
CVE-2022-41635 WordPress Advanced Shipment Tracking for WooCommerce Plugin <= 3.5.2 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin = 3.5.2 versions...
WordPress plugin Advanced Shipment Tracking for WooCommerce 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...
PT-2023-14004 · Woocommerce · Zorem Advanced Shipment Tracking
Name of the Vulnerable Software and Affected Versions: Zorem Advanced Shipment Tracking for WooCommerce plugin versions = 3.5.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to perform unintended actions on a we...