22 matches found
EUVD-2025-30722
Malicious code in bioql PyPI...
EUVD-2025-11670
Malicious code in bioql PyPI...
CVE-2025-57914
Cross-Site Request Forgery CSRF vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Cross Site Request Forgery.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 3.0.2...
WordPress Deliver via Shipos for WooCommerce plugin <= 3.0.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Deliver via Shipos for WooCommerce versions = 3.0.2...
CVE-2025-57914
Cross-Site Request Forgery CSRF vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Cross Site Request Forgery.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 3.0.2...
CVE-2025-57914 WordPress Deliver via Shipos for WooCommerce plugin <= 3.0.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Cross Site Request Forgery.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 3.0.2...
CVE-2025-57914
CVE-2025-57914 : CSRF flaw in Deliver via Shipos for WooCommerce (Matat Technologies) affects the Deliver via Shipos for WooCommerce plugin up to version 3.0.2. The description confirms a Cross-Site Request Forgery vulnerability, but the provided documents do not supply exploitation details, affe...
CVE-2025-57914 WordPress Deliver via Shipos for WooCommerce plugin <= 3.0.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Cross Site Request Forgery.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 3.0.2...
WordPress plugin Deliver via Shipos for WooCommerce 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin that provides the ability to host a personal blog site on a PHP and MySQL based server. A cross-site...
PT-2025-38765
Name of the Vulnerable Software and Affected Versions Deliver via Shipos for WooCommerce versions through 3.0.2 Description A Cross-Site Request Forgery CSRF issue exists in Deliver via Shipos for WooCommerce. This allows attackers to perform actions on behalf of authenticated users...
CVE-2025-32533
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Reflected XSS.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 2.1.7...
CVE-2025-32533
CVE-2025-32533 is a reflected XSS in the WordPress plugin Deliver via Shipos for WooCommerce (Deliver via Shipos for WooCommerce) affecting 2.1.7 and earlier. Root cause: improper neutralization of input during web page generation. Public references (NVD/Red Hat/Wordfence) confirm it as a valid i...
CVE-2025-32533 WordPress Deliver via Shipos for WooCommerce Plugin <= 2.1.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Reflected XSS.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 2.1.7...
CVE-2025-32533 WordPress Deliver via Shipos for WooCommerce Plugin <= 2.1.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Reflected XSS.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 2.1.7...
PT-2025-17105 · Woocommerce · Deliver Via Shipos For Woocommerce
Name of the Vulnerable Software and Affected Versions: Deliver via Shipos for WooCommerce versions 2.1.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential...
WordPress plugin Deliver via Shipos for WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...
CVE-2024-12222
CVE-2024-12222 affects Deliver via Shipos for WooCommerce (WordPress) via Reflected XSS in the dvsfw_bulk_label_url parameter, impacting all versions up to 2.1.7. Exploitation requires a user to click a crafted link; attackers can inject scripts in pages that execute in the context of the victim....
CVE-2024-12222 Deliver via Shipos for WooCommerce <= 2.1.7 - Reflected Cross-Site Scripting via dvsfw_bulk_label_url Parameter
The Deliver via Shipos for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dvsfwbulklabelurl’ parameter in all versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2024-12222 Deliver via Shipos for WooCommerce <= 2.1.7 - Reflected Cross-Site Scripting via dvsfw_bulk_label_url Parameter
The Deliver via Shipos for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dvsfwbulklabelurl’ parameter in all versions up to, and including, 2.1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
PT-2025-1786 · WordPress · Deliver Via Shipos For Woocommerce
Name of the Vulnerable Software and Affected Versions: Deliver via Shipos for WooCommerce plugin for WordPress versions up to, and including, 2.1.7 Description: The issue is related to Reflected Cross-Site Scripting via the dvsfw bulk label url parameter due to insufficient input sanitization and...