7 matches found
CVE-2023-37873
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WooCommerce Shipping Multiple Addresses plugin = 3.8.5 versions...
CVE-2024-56290 WordPress Multiple Shipping And Billing Address For Woocommerce Plugin <= 1.2 - Unauthenticated SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in silverplugins217 Multiple Shipping And Billing Address For Woocommerce different-shipping-and-billing-address-for-woocommerce allows SQL Injection.This issue affects Multiple Shipping And Billing...
WordPress plugin WooCommerce Shipping Multiple Addresses Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
Prestashop Input Validation Error Vulnerability
Prestashop is a set of open source e-commerce solutions from the United States Prestashop. The solution provides multiple payment methods, short message alerts and product image scaling. An input validation error vulnerability exists in Prestashop Opart devis prior to version 4.0.2, which allows ...
Microdistribution has a flawed logic vulnerability
Micro Distribution is a WeChat distribution platform tailored for businesses. Micro distribution has a logic flaw vulnerability, an attacker can use the vulnerability to overstep the right to modify the entire network of users' shipping address information...
OnePlus Suffers New Data Breach Impacting Its Online Store Customers
Chinese smartphone maker OnePlus has suffered a new data breach exposing personal and order information of an undisclosed number of its customers, likely, as a result of a vulnerability in its online store website. The breach came to light after OnePlus started informing affected customers via...
ShopEx4. 8 5 vulnerability the shipping address can be any view modify delete a-vulnerability warning-the black bar safety net
Ordinary members, after logging in, by a maliciously constructed URL can be achieved for the entire site shipping address to view, modify, and delete. Causing the user sensitive privacy leak and website, unnecessary losses. Detailed description: core/shop/controller/ctl. member. php file //Modify...