CVE-2024-1436

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wiloke WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit.This issue affects WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit: from n/a through 1.0.9...

WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit <= 1.0.9 - Unauthenticated Sensitive Information Exposure

Description The WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.9. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data...

CVE-2024-1436

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wiloke WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit.This issue affects WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit: from n/a through 1.0.9...

Code injection

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wiloke WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit.This issue affects WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit: from n/a through 1.0.9...

CVE-2024-1436

CVE-2024-1436 affects the WordPress plugin set “WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit,” exposing sensitive data to unauthorized actors via unauthenticated access. The vulnerability impacts versions up to 1.0.9 (no fixed version listed in the provided data). Connected RH/Wordfen...

WordPress WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit Plugin <= 1.0.9 is vulnerable to Sensitive Data Exposure

Software WooCommerce Coupon Popup, SmartBar, Slide In | MyShopKit Type Plugin Vulnerable versions = 1.0.9 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-1436 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8b17a4bc28...

Malicious code in @harrysforge/slide-in (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 688ef32ced9f65d980f58506395317e04f4b1f1c31617519f8476b1b92d0c0a9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-322 Malicious code in @harrysforge/slide-in (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 688ef32ced9f65d980f58506395317e04f4b1f1c31617519f8476b1b92d0c0a9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...