Lucene search
+L

27 matches found

NVD
NVD
added 5 days ago4 views

CVE-2026-57773

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Zorem Advanced Shipment Tracking for WooCommerce woo-advanced-shipment-tracking allows Blind SQL Injection.This issue affects Advanced Shipment Tracking for WooCommerce: from n/a through = 4.0...

7.6CVSS0.00372EPSS
Exploits0References1
CVE
CVE
added 5 days ago14 views

CVE-2026-57773

The CVE-2026-57773 entry covers a SQL Injection vulnerability in the WordPress plugin “WooCommerce Advanced Shipment Tracking” (woo-advanced-shipment-tracking) up to version 4.0. The issue is described as an Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) that l...

7.6CVSS6.1AI score0.00372EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-57773 WordPress Advanced Shipment Tracking for WooCommerce plugin <= 4.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Zorem Advanced Shipment Tracking for WooCommerce woo-advanced-shipment-tracking allows Blind SQL Injection.This issue affects Advanced Shipment Tracking for WooCommerce: from n/a through = 4.0...

7.6CVSS0.00372EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/07/02 1:24 p.m.7 views

WordPress Advanced Shipment Tracking for WooCommerce plugin <= 4.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Advanced Shipment Tracking for WooCommerce versions = 4.0...

7.6CVSS6AI score0.00372EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.24 views

EUVD-2021-34174

Malicious code in bioql PyPI...

9.9CVSS6.6AI score0.00654EPSS
Exploits1References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/28 8:55 a.m.4 views

Malicious code in shipmenttrackingserv-paypal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a3a2c25dd8f797d3e201b38a02fde72e265a03a3528d4af7d6bdce2f4b4142e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2025/03/28 8:55 a.m.4 views

MAL-2025-2786 Malicious code in shipmenttrackingserv-paypal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a3a2c25dd8f797d3e201b38a02fde72e265a03a3528d4af7d6bdce2f4b4142e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/06 4:25 a.m.13 views

CVE-2021-4347

The function updateshipmentstatusemailstatusfun in the plugin Advanced Shipment Tracking for WooCommerce in versions up to 3.2.6 is vulnerable to authenticated arbitrary options update. The function allows attackers including those at customer level to update any WordPress option in the database...

9.9CVSS6.7AI score0.00654EPSS
Exploits1References1
Prion
Prion
added 2023/06/07 2:15 a.m.16 views

Design/Logic Flaw

The function updateshipmentstatusemailstatusfun in the plugin Advanced Shipment Tracking for WooCommerce in versions up to 3.2.6 is vulnerable to authenticated arbitrary options update. The function allows attackers including those at customer level to update any WordPress option in the database...

4CVSS6.4AI score0.00654EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/07 1:51 a.m.15 views

CVE-2021-4347 Advanced Shipment Tracking for WooCommerce <= 3.2.6 - Authenticated WordPress Options Change

The function updateshipmentstatusemailstatusfun in the plugin Advanced Shipment Tracking for WooCommerce in versions up to 3.2.6 is vulnerable to authenticated arbitrary options update. The function allows attackers including those at customer level to update any WordPress option in the database...

9.9CVSS6.7AI score0.00654EPSS
Exploits1References2
CVE
CVE
added 2023/06/07 1:51 a.m.51 views

CVE-2021-4347

Summary: The WordPress plugin Advanced Shipment Tracking for WooCommerce (versions up to 3.2.6) is vulnerable due to the function update_shipment_status_email_status_fun , which allows authenticated attackers (including at customer level) to update any WordPress option in the database. The issue ...

9.9CVSS6.3AI score0.00654EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2023/06/07 12:0 a.m.7 views

WordPress Plugin Advanced Shipment Tracking for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in th...

9.9CVSS6.5AI score0.00654EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/06/07 12:0 a.m.7 views

PT-2023-12456 · Woocommerce · Advanced Shipment Tracking For Woocommerce

Name of the Vulnerable Software and Affected Versions: Advanced Shipment Tracking for WooCommerce versions up to 3.2.6 Description: The issue concerns the function update shipment status email status fun in the Advanced Shipment Tracking for WooCommerce plugin, which is vulnerable to authenticate...

9.9CVSS6.4AI score0.00654EPSS
Exploits1References4
NVD
NVD
added 2023/05/25 9:15 a.m.26 views

CVE-2022-41635

Cross-Site Request Forgery CSRF vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin = 3.5.2 versions...

8.8CVSS5.9AI score0.00256EPSS
Exploits0References1
OSV
OSV
added 2023/05/25 9:15 a.m.5 views

CVE-2022-41635

Cross-Site Request Forgery CSRF vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin = 3.5.2 versions...

8.8CVSS5.8AI score0.00256EPSS
Exploits0References1
Prion
Prion
added 2023/05/25 9:15 a.m.23 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin = 3.5.2 versions...

6.8CVSS8.8AI score0.00256EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/25 8:59 a.m.48 views

CVE-2022-41635

CVE-2022-41635 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WordPress plugin “Zorem Advanced Shipment Tracking for WooCommerce” up to version 3.5.2. The issue enables CSRF in actions related to shipment tracking settings (per Patchstack entry), with a release fix noted in ve...

8.8CVSS6.6AI score0.00256EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/25 8:59 a.m.30 views

CVE-2022-41635 WordPress Advanced Shipment Tracking for WooCommerce Plugin <= 3.5.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin = 3.5.2 versions...

4.3CVSS9AI score0.00256EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/25 12:0 a.m.7 views

WordPress plugin Advanced Shipment Tracking for WooCommerce 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

8.8CVSS8.2AI score0.00256EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/05/25 12:0 a.m.6 views

PT-2023-14004 · Woocommerce · Zorem Advanced Shipment Tracking

Name of the Vulnerable Software and Affected Versions: Zorem Advanced Shipment Tracking for WooCommerce plugin versions = 3.5.2 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to perform unintended actions on a we...

8.8CVSS8.8AI score0.00256EPSS
Exploits0References3
Rows per page
Query Builder