4 matches found
CVE-2025-10412
The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO Premium plugin for WordPress is vulnerable to arbitrary file uploads due to misconfigured file type validation in the 'unicpouploadfile' function in all versions up to, and including, 4.9.55. This makes it possible for...
CVE-2025-10412 Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) <= 4.9.55 - Unauthenticated Arbitrary File Upload via 'uni_cpo_upload_file'
The Product Options and Price Calculation Formulas for WooCommerce – Uni CPO Premium plugin for WordPress is vulnerable to arbitrary file uploads due to misconfigured file type validation in the 'unicpouploadfile' function in all versions up to, and including, 4.9.55. This makes it possible for...
WordPress Product Options and Price Calculation Formulas for WooCommerce – Uni CPO Plugin <= 4.9.26 is vulnerable to Cross Site Scripting (XSS)
Software Product Options and Price Calculation Formulas for WooCommerce – Uni CPO Type Plugin Vulnerable versions = 4.9.26 Fixed in 4.9.27 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership...
WordPress Product Options and Price Calculation Formulas for WooCommerce – Uni CPO plugin < 4.9.14 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Product Options and Price Calculation Formulas for WooCommerce – Uni CPO plugin versions 4.9.14. Solution Update the WordPress Product Options and Price Calculation Formulas for WooCommerce – Uni CPO...