Lucene search
+L

6 matches found

Vulnrichment
Vulnrichment
added 2025/09/09 4:25 p.m.3 views

CVE-2025-47569 WordPress WooCommerce Ultimate Gift Card plugin <= 2.8.10 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPSwings WooCommerce Ultimate Gift Card - Create, Sell and Manage Gift Cards with Customized Email Templates. This issue affects WooCommerce Ultimate Gift Card - Create, Sell and Manage Gift Cards...

9.3CVSS7.2AI score0.00579EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/04/19 2:23 a.m.443 views

Exploit for Unrestricted Upload of File with Dangerous Type in Wpswings Woocommerce_Ultimate_Gift_Card

Wordpress WooCommerce Ultimate Gift Card = 2.6.0 - Unauthenti...

9.8CVSS9.9AI score0.03858EPSS
Exploits12
RedhatCVE
RedhatCVE
added 2025/03/02 8:25 a.m.10 views

CVE-2024-8425

The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'mwbwgmpreviewmail' and 'mwbwgmwoocommerceaddcartitemdata' functions in all versions up to, and including, 2.9.2. This makes it possible for...

9.8CVSS8AI score0.03858EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/02/28 8:23 a.m.12 views

CVE-2024-8425 WooCommerce Ultimate Gift Card <= 2.9.2 - Unauthenticated Arbitrary File Upload

The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'mwbwgmpreviewmail' and 'mwbwgmwoocommerceaddcartitemdata' functions in all versions up to, and including, 2.9.2. This makes it possible for...

9.8CVSS8AI score0.03858EPSS
Exploits1References2
NVD
NVD
added 2024/12/02 2:15 p.m.21 views

CVE-2024-53740

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPSwings WooCommerce Ultimate Gift Card woocommerce-ultimate-gift-card allows Reflected XSS.This issue affects WooCommerce Ultimate Gift Card: from n/a through 2.9.1...

7.1CVSS0.00245EPSS
Exploits0References1
CVE
CVE
added 2024/12/02 1:42 p.m.52 views

CVE-2024-53740

CVE-2024-53740 is a reflected XSS in the WordPress plugin “WooCommerce Ultimate Gift Card” (notFound variant) prior to version 2.9.1. The issue arises from improper input neutralization during web page generation, allowing attacker-controlled input to be reflected in a page. Affected product: Woo...

7.1CVSS7.2AI score0.00245EPSS
Exploits0References1
Rows per page
Query Builder