Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:6 a.m.4 views

CVE-2024-13317

The ShipWorks Connector for Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.2.5. This is due to missing or incorrect nonce validation on the 'shipworks-wordpress' page. This makes it possible for unauthenticated attackers to...

4.3CVSS6.7AI score0.00164EPSS
Exploits0References1
NVD
NVD
added 2025/01/18 7:15 a.m.10 views

CVE-2024-13317

The ShipWorks Connector for Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.2.5. This is due to missing or incorrect nonce validation on the 'shipworks-wordpress' page. This makes it possible for unauthenticated attackers to...

4.3CVSS0.00164EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/18 7:5 a.m.5 views

CVE-2024-13317 ShipWorks Connector for Woocommerce <= 5.2.5 - Cross-Site Request Forgery to Service Password/Username Update

The ShipWorks Connector for Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.2.5. This is due to missing or incorrect nonce validation on the 'shipworks-wordpress' page. This makes it possible for unauthenticated attackers to...

4.3CVSS6.7AI score0.00164EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/18 7:5 a.m.10 views

CVE-2024-13317 ShipWorks Connector for Woocommerce <= 5.2.5 - Cross-Site Request Forgery to Service Password/Username Update

The ShipWorks Connector for Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.2.5. This is due to missing or incorrect nonce validation on the 'shipworks-wordpress' page. This makes it possible for unauthenticated attackers to...

4.3CVSS0.00164EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/18 12:0 a.m.3 views

WordPress plugin ShipWorks Connector for Woocommerce 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists i...

4.3CVSS8.3AI score0.00164EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/01/17 9:7 p.m.5 views

WordPress ShipWorks Connector for Woocommerce plugin <= 5.2.5 - Cross-Site Request Forgery to Service Password/Username Update vulnerability

Cross-Site Request Forgery to Service Password/Username Update vulnerability discovered by SOPROBRO in WordPress Plugin ShipWorks Connector for Woocommerce versions = 5.2.5...

4.3CVSS7AI score0.00164EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder