Lucene search
K

12 matches found

CVE
CVE
added 5 hours ago7 views

CVE-2026-9235

The DHL eCommerce (Benelux) for WooCommerce WordPress plugin (up to version 2.2.3) is vulnerable to unauthorized modification and data loss due to missing capability checks and missing nonce verification in create_label() and delete_label(). These functions are tied to wp_ajax_dhlpwc_label_create...

4.3CVSS5.9AI score
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-47590

Malicious code in bioql PyPI...

8.2CVSS6.6AI score0.00502EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-30620

Malicious code in bioql PyPI...

5.9CVSS6.5AI score0.00339EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:35 a.m.6 views

CVE-2024-32834

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebToffee WooCommerce Shipping Label allows Stored XSS.This issue affects WooCommerce Shipping Label: from n/a through 2.3.8...

5.9CVSS5.2AI score0.00339EPSS
Exploits0References1
NVD
NVD
added 2024/04/24 9:15 a.m.18 views

CVE-2024-32834

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebToffee WooCommerce Shipping Label allows Stored XSS.This issue affects WooCommerce Shipping Label: from n/a through 2.3.8...

5.9CVSS5.7AI score0.00339EPSS
Exploits0References1
CVE
CVE
added 2024/04/24 8:27 a.m.69 views

CVE-2024-32834

CVE-2024-32834 involves a Stored XSS in the WebToffee WooCommerce Shipping Label plugin. Affected: WooCommerce Shipping Label (plugin) from n/a through 2.3.8. Root cause per description: Improper neutralization of input during web page generation. Impact is Cross‑Site Scripting, with Confidential...

5.9CVSS5.2AI score0.00339EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/24 8:27 a.m.16 views

CVE-2024-32834 WordPress WooCommerce Shipping Label plugin <= 2.3.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebToffee WooCommerce Shipping Label allows Stored XSS.This issue affects WooCommerce Shipping Label: from n/a through 2.3.8...

5.9CVSS6.7AI score0.00339EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/24 8:27 a.m.34 views

CVE-2024-32834 WordPress WooCommerce Shipping Label plugin <= 2.3.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebToffee WooCommerce Shipping Label allows Stored XSS.This issue affects WooCommerce Shipping Label: from n/a through 2.3.8...

5.9CVSS5.9AI score0.00339EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/24 12:0 a.m.4 views

WordPress plugin WooCommerce Shipping Label 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS6.2AI score0.00339EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/04/22 7:18 p.m.6 views

WordPress WooCommerce Shipping Label plugin <= 2.3.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin WooCommerce Shipping Label versions = 2.3.8...

5.9CVSS6.1AI score0.00339EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/22 12:0 a.m.12 views

WordPress WooCommerce Shipping Label Plugin <= 2.3.8 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Shipping Label Type Plugin Vulnerable versions = 2.3.8 Fixed in 2.3.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32834 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a0358e31252f Credits Joshua Chan Required...

5.9CVSS6.6AI score0.00339EPSS
Exploits0References1Affected Software1
Cisco Threats
Cisco Threats
added 2012/06/26 9:46 p.m.7 views

Threat Outbreak Alert: Fake Portuguese Pornographic Video Email Messages on April 22, 2014

Medium Alert ID: 26252 First Published: 2012 June 26 21:46 GMT Last Updated: 2014 April 23 14:15 GMT Version: 3 Summary Cisco Security has detected significant activity related to Portuguese-language spam email messages that claim to contain an attachment to a pornographic video file for the...

Exploits0
Rows per page
Query Builder