EUVD-2021-34174

Malicious code in bioql PyPI...

Malicious code in shipmenttrackingserv-paypal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a3a2c25dd8f797d3e201b38a02fde72e265a03a3528d4af7d6bdce2f4b4142e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2786 Malicious code in shipmenttrackingserv-paypal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a3a2c25dd8f797d3e201b38a02fde72e265a03a3528d4af7d6bdce2f4b4142e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2021-4347

The function updateshipmentstatusemailstatusfun in the plugin Advanced Shipment Tracking for WooCommerce in versions up to 3.2.6 is vulnerable to authenticated arbitrary options update. The function allows attackers including those at customer level to update any WordPress option in the database...

Design/Logic Flaw

The function updateshipmentstatusemailstatusfun in the plugin Advanced Shipment Tracking for WooCommerce in versions up to 3.2.6 is vulnerable to authenticated arbitrary options update. The function allows attackers including those at customer level to update any WordPress option in the database...

CVE-2021-4347 Advanced Shipment Tracking for WooCommerce <= 3.2.6 - Authenticated WordPress Options Change

The function updateshipmentstatusemailstatusfun in the plugin Advanced Shipment Tracking for WooCommerce in versions up to 3.2.6 is vulnerable to authenticated arbitrary options update. The function allows attackers including those at customer level to update any WordPress option in the database...

CVE-2021-4347

Summary: The WordPress plugin Advanced Shipment Tracking for WooCommerce (versions up to 3.2.6) is vulnerable due to the function update_shipment_status_email_status_fun , which allows authenticated attackers (including at customer level) to update any WordPress option in the database. The issue ...

WordPress Plugin Advanced Shipment Tracking for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in th...

PT-2023-12456 · Woocommerce · Advanced Shipment Tracking For Woocommerce

Name of the Vulnerable Software and Affected Versions: Advanced Shipment Tracking for WooCommerce versions up to 3.2.6 Description: The issue concerns the function update shipment status email status fun in the Advanced Shipment Tracking for WooCommerce plugin, which is vulnerable to authenticate...

CVE-2022-41635

Cross-Site Request Forgery CSRF vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin = 3.5.2 versions...

CVE-2022-41635

Cross-Site Request Forgery CSRF vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin = 3.5.2 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin = 3.5.2 versions...

CVE-2022-41635

CVE-2022-41635 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WordPress plugin “Zorem Advanced Shipment Tracking for WooCommerce” up to version 3.5.2. The issue enables CSRF in actions related to shipment tracking settings (per Patchstack entry), with a release fix noted in ve...

CVE-2022-41635 WordPress Advanced Shipment Tracking for WooCommerce Plugin <= 3.5.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin = 3.5.2 versions...

PT-2023-14004 · Woocommerce · Zorem Advanced Shipment Tracking

Name of the Vulnerable Software and Affected Versions: Zorem Advanced Shipment Tracking for WooCommerce plugin versions = 3.5.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to perform unintended actions on a we...

WordPress plugin Advanced Shipment Tracking for WooCommerce 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

WordPress Advanced Shipment Tracking for WooCommerce Plugin <= 3.5.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Advanced Shipment Tracking for WooCommerce Type Plugin Vulnerable versions = 3.5.2 Fixed in 3.5.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-41635 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7b3ec3a5415d...

WordPress Advanced Shipment Tracking for WooCommerce plugin <= 3.2.6 - Authenticated WordPress Options Change vulnerability

Authenticated WordPress Options Change vulnerability discovered by Jerome Bruandet in WordPress Advanced Shipment Tracking for WooCommerce plugin versions = 3.2.6. Solution Update the WordPress Advanced Shipment Tracking for WooCommerce plugin to the latest available version at least 3.2.7...

Threat Outbreak Alert: Fake Shipment Tracking Information Email Messages on May 14, 2014

Medium Alert ID: 34223 First Published: 2014 May 14 14:17 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain shipment tracking information for the recipient. The text in the email message attempts to convince the recipient ...

Threat Outbreak Alert: Fake Shipment Tracking Information Email Messages on April 30, 2014

Medium Alert ID: 34010 First Published: 2014 April 30 19:09 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain shipment tracking information for the recipient. The text in the email message attempts to convince the recipien...