Lucene search
K

15 matches found

Patchstack
Patchstack
added 2026/02/16 7:50 a.m.6 views

WordPress Product Options and Price Calculation Formulas for WooCommerce - Uni CPO (Premium) plugin <= 4.9.60 - Missing Authorization to Unauthenticated Arbitrary Attachment and Dropbox File Deletion vulnerability

WordPress Product Options and Price Calculation Formulas for WooCommerce - Uni CPO Premium plugin = 4.9.60 - Missing Authorization to Unauthenticated Arbitrary Attachment and Dropbox File Deletion vulnerability discovered by Stefan in WordPress Plugin Uni CPO Premium versions = 4.9.60...

5.8CVSS5.5AI score0.00189EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/12 7:28 p.m.7 views

CVE-2025-13391

The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO Premium plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'unicporemovefile' function in all versions up to, and including, 4.9.60. This makes it possible for...

5.8CVSS5.7AI score0.00189EPSS
Exploits0References1
NVD
NVD
added 2026/02/11 5:16 p.m.5 views

CVE-2025-13391

The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO Premium plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'unicporemovefile' function in all versions up to, and including, 4.9.60. This makes it possible for...

5.8CVSS0.00189EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/11 4:25 p.m.4 views

CVE-2025-13391

The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO Premium plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'unicporemovefile' function in all versions up to, and including, 4.9.60. This makes it possible for...

5.8CVSS5.7AI score0.00189EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/11 4:25 p.m.22 views

CVE-2025-13391 Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) <= 4.9.60 - Missing Authorization to Unauthenticated Arbitrary Attachment and Dropbox File Deletion

The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO Premium plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'unicporemovefile' function in all versions up to, and including, 4.9.60. This makes it possible for...

5.8CVSS0.00189EPSS
Exploits0References2
CVE
CVE
added 2026/02/11 4:25 p.m.18 views

CVE-2025-13391

The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) plugin for WordPress is vulnerable due to a missing capability check on uni_cpo_remove_file, allowing unauthenticated attackers to delete arbitrary attachments or files stored in Dropbox when the path is known....

5.8CVSS5.7AI score0.00189EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.7 views

WordPress plugin Product Options and Price Calculation Formulas for WooCommerce – Uni CPO 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

5.8CVSS5.8AI score0.00189EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/25 2:53 a.m.7 views

CVE-2025-10412

The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO Premium plugin for WordPress is vulnerable to arbitrary file uploads due to misconfigured file type validation in the 'unicpouploadfile' function in all versions up to, and including, 4.9.55. This makes it possible for...

9.8CVSS6.6AI score0.00579EPSS
Exploits0References1
NVD
NVD
added 2025/09/23 10:15 a.m.8 views

CVE-2025-10412

The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO Premium plugin for WordPress is vulnerable to arbitrary file uploads due to misconfigured file type validation in the 'unicpouploadfile' function in all versions up to, and including, 4.9.55. This makes it possible for...

9.8CVSS0.00579EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/23 9:25 a.m.4 views

CVE-2025-10412 Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) <= 4.9.55 - Unauthenticated Arbitrary File Upload via 'uni_cpo_upload_file'

The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO Premium plugin for WordPress is vulnerable to arbitrary file uploads due to misconfigured file type validation in the 'unicpouploadfile' function in all versions up to, and including, 4.9.55. This makes it possible for...

9.8CVSS6.5AI score0.00579EPSS
Exploits0References2
CVE
CVE
added 2025/09/23 9:25 a.m.31 views

CVE-2025-10412

CVE-2025-10412 : The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) plugin for WordPress is vulnerable to unauthenticated arbitrary file uploads via the uni_cpo_upload_file function in all versions up to 4.9.54, which may allow remote code execution on the affe...

9.8CVSS6.6AI score0.00579EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/09/22 10:29 p.m.10 views

WordPress Uni CPO (Premium) plugin <= 4.9.54 - Unauthenticated Arbitrary File Upload via 'uni_cpo_upload_file' vulnerability

Unauthenticated Arbitrary File Upload via 'unicpouploadfile' vulnerability discovered by Ren Voza in WordPress Plugin Uni CPO Premium versions = 4.9.54...

9.8CVSS6.8AI score0.00579EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.14 views

WordPress Product Options and Price Calculation Formulas for WooCommerce – Uni CPO Plugin <= 4.9.26 is vulnerable to Cross Site Scripting (XSS)

Software Product Options and Price Calculation Formulas for WooCommerce – Uni CPO Type Plugin Vulnerable versions = 4.9.26 Fixed in 4.9.27 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership...

6.9AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.10 views

WordPress Product Options and Price Calculation Formulas for WooCommerce – Uni CPO plugin < 4.9.14 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Product Options and Price Calculation Formulas for WooCommerce – Uni CPO plugin versions 4.9.14. Solution Update the WordPress Product Options and Price Calculation Formulas for WooCommerce – Uni CPO plugin to the latest...

2.1AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.9 views

WordPress Product Options and Price Calculation Formulas for WooCommerce – Uni CPO plugin < 4.9.14 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Product Options and Price Calculation Formulas for WooCommerce – Uni CPO plugin versions 4.9.14. Solution Update the WordPress Product Options and Price Calculation Formulas for WooCommerce – Uni CPO...

3.8AI score
Exploits0References2Affected Software1
Rows per page
Query Builder