18 matches found
CVE-2024-31944
Cross-Site Request Forgery CSRF vulnerability in Octolize WooCommerce UPS Shipping – Live Rates and Access Points.This issue affects WooCommerce UPS Shipping – Live Rates and Access Points: from n/a through 2.2.4...
CVE-2024-9109
The WooCommerce UPS Shipping – Live Rates and Access Points plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deleteoauthdata function in all versions up to, and including, 2.3.12. This makes it possible for authenticated attackers,...
CVE-2024-9109
The WooCommerce UPS Shipping – Live Rates and Access Points plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deleteoauthdata function in all versions up to, and including, 2.3.12. This makes it possible for authenticated attackers,...
CVE-2024-9109
The WooCommerce UPS Shipping – Live Rates and Access Points plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deleteoauthdata function in all versions up to, and including, 2.3.11. This makes it possible for authenticated attackers,...
CVE-2024-9109
CVE-2024-9109 affects the WordPress plugin “WooCommerce UPS Shipping – Live Rates and Access Points” up to version 2.3.11. The vulnerability stems from a missing capability check in the delete_oauth_data function, allowing authenticated attackers with Subscriber-level access or higher to delete t...
CVE-2024-9109 UPS Live Rates and Access Points <= 2.3.12 - Missing Authorization to Plugin API key reset
The WooCommerce UPS Shipping – Live Rates and Access Points plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deleteoauthdata function in all versions up to, and including, 2.3.12. This makes it possible for authenticated attackers,...
WordPress plugin WooCommerce UPS Shipping 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress WooCommerce UPS Shipping – Live Rates and Access Points Plugin <= 2.3.11 is vulnerable to Broken Access Control
Software WooCommerce UPS Shipping – Live Rates and Access Points Type Plugin Vulnerable versions = 2.3.11 Fixed in 3.0.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9109 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID b3cccbff59...
WooCommerce UPS Shipping – Live Rates and Access Points < 2.2.5 - Cross-Site Request Forgery
Description The WooCommerce UPS Shipping – Live Rates and Access Points plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.4. This is due to missing or incorrect nonce validation on an unknown function. This makes it possible for...
CVE-2024-31944
Cross-Site Request Forgery CSRF vulnerability in Octolize WooCommerce UPS Shipping – Live Rates and Access Points.This issue affects WooCommerce UPS Shipping – Live Rates and Access Points: from n/a through 2.2.4...
CVE-2024-31944
CVE-2024-31944 is a Cross-Site Request Forgery (CSRF) vulnerability in the Octolize WooCommerce UPS Shipping – Live Rates and Access Points plugin for WooCommerce. Affected versions are listed as from n/a through 2.2.4. The CVSS metrics indicate a Network attack vector, no confidentiality/availab...
CVE-2024-31944 WordPress WooCommerce UPS Shipping plugin <= 2.2.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Octolize WooCommerce UPS Shipping – Live Rates and Access Points.This issue affects WooCommerce UPS Shipping – Live Rates and Access Points: from n/a through 2.2.4...
WordPress WooCommerce UPS Shipping plugin <= 2.2.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin WooCommerce UPS Shipping – Live Rates and Access Points versions = 2.2.4...
WordPress WooCommerce UPS Shipping – Live Rates and Access Points Plugin <= 2.2.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software WooCommerce UPS Shipping – Live Rates and Access Points Type Plugin Vulnerable versions = 2.2.4 Fixed in 2.2.5 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31944 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...
PT-2024-24309 · Woocommerce · Woocommerce Ups Shipping – Live Rates/Access Points
Name of the Vulnerable Software and Affected Versions: WooCommerce UPS Shipping – Live Rates and Access Points versions through 2.2.4 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...
WordPress Plugin WooCommerce UPS Shipping 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin WooCommerce UPS...
Threat Outbreak Alert: Fake Shipping Charges Notification Email Messages on May 20, 2014
Medium Alert ID: 34305 First Published: 2014 May 20 16:05 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a shipping charges notification from UPS for the recipient. The text in the email message attempts to convince the...
osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities
Title: ====== osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities Date: ===== 2012-04-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=497 VL-ID: ===== 497 Introduction: ============= osCMax is a powerful e-commerce/shopping cart web application. There are many...