97 matches found
PT-2023-28134 · Tyche Softwares · Order Delivery Date For Woocommerce
Name of the Vulnerable Software and Affected Versions: Tyche Softwares Order Delivery Date for WooCommerce plugin versions = 3.20.0 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This allows for malicious scripts to be injected into a website,...
WordPress Plugin Tyche Softwares Order Delivery Date for WooCommerce Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin Tyche Softwares Order...
Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites
A critical security flaw has been disclosed in the WordPress "Abandoned Cart Lite for WooCommerce" plugin that's installed on more than 30,000 websites. "This vulnerability makes it possible for an attacker to gain access to the accounts of users who have abandoned their carts, who are typically...
Tyche Softwares Addresses Authentication Bypass Vulnerability in Abandoned Cart Lite for WooCommerce WordPress Plugin
On May 29, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for an Authentication Bypass vulnerability in Tyche Softwares’s Abandoned Cart Lite for WooCommerce plugin, which is actively installed on more than 30,000 WordPress websites. This...
WordPress Abandoned Cart Lite For WooCommerce 5.14.2 Authentication Bypass
On May 29, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for an Authentication Bypass vulnerability in Tyche Softwares’s Abandoned Cart Lite for WooCommerce plugin, which is actively installed on more than 30,000 WordPress websites. This...
CVE-2022-45367
Cross-Site Request Forgery CSRF vulnerability in Tyche Softwares Custom Order Numbers for WooCommerce plugin = 1.4.0 versions...
CVE-2022-45367
Cross-Site Request Forgery CSRF vulnerability in Tyche Softwares Custom Order Numbers for WooCommerce plugin = 1.4.0 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Tyche Softwares Custom Order Numbers for WooCommerce plugin = 1.4.0 versions...
CVE-2022-45367 WordPress Custom Order Numbers for WooCommerce Plugin <= 1.4.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Tyche Softwares Custom Order Numbers for WooCommerce plugin = 1.4.0 versions...
CVE-2022-45367
CVE-2022-45367: A CSRF vulnerability in the Tyche Softwares Custom Order Numbers for WooCommerce plugin (
CVE-2022-45367 WordPress Custom Order Numbers for WooCommerce Plugin <= 1.4.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Tyche Softwares Custom Order Numbers for WooCommerce plugin = 1.4.0 versions...
PT-2023-14655 · Tyche Softwares · Custom Order Numbers For Woocommerce
Name of the Vulnerable Software and Affected Versions: Tyche Softwares Custom Order Numbers for WooCommerce plugin versions = 1.4.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing...
CVE-2023-23703
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Tyche Softwares Arconix Shortcodes plugin = 2.1.7 versions...
CVE-2023-23703
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Tyche Softwares Arconix Shortcodes plugin = 2.1.7 versions...
CVE-2023-23703
CVE-2023-23703 corresponds to a Stored XSS in the WordPress plugin Arconix Shortcodes (vulnerable: 2.1.7 is the recommended remediation. Additional sources classify the issue as low severity with a low likelihood of exploitation, but it remains a real vulnerability for sites still running
CVE-2023-23703 WordPress Arconix Shortcodes Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Tyche Softwares Arconix Shortcodes plugin = 2.1.7 versions...
CVE-2023-23703 WordPress Arconix Shortcodes Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Tyche Softwares Arconix Shortcodes plugin = 2.1.7 versions...