6 matches found
CVE-2026-1943
The YayMail – WooCommerce Email Customizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via settings in all versions up to, and including, 4.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Shop...
CVE-2026-1381
The Order Minimum/Maximum Amount Limits for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via settings in all versions up to, and including, 4.6.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
EUVD-2023-44121
Malicious code in bioql PyPI...
CVE-2024-13519
The MarketKing — Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin's settings in all versions up to, and including, 1.9.80 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-13519
CVE-2024-13519 (MarketKing – Ultimate WooCommerce Multivendor Marketplace Solution) has concrete details in connected records. The vulnerability affects the MarketKing WordPress plugin (MarketKing — Ultimate WooCommerce Multivendor Marketplace Solution) and is a Stored Cross-Site Scripting flaw e...
CVE-2024-2752
CVE-2024-2752 concerns the WordPress WooCommerce extension Where Did You Hear About Us Checkout Field for WooCommerce. The connected Red Hat CVE entry confirms the issue as a Stored Cross-Site Scripting vulnerability via order meta in all versions up to and including 1.3.1, caused by insufficient...