Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-42897

Malicious code in bioql PyPI...

7.1CVSS7AI score0.00324EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:40 a.m.15 views

CVE-2023-39162

Unauth. Reflected Cross-Site Scripting XSS vulnerability in XLPlugins User Email Verification for WooCommerce plugin = 3.5.0 versions...

7.1CVSS5.9AI score0.00324EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 12:16 a.m.4 views

CVE-2024-4186

The Edwiser Bridge plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.0.5. This is due to the 'ebuseremailverificationkey' default value is empty, and the not empty check is missing in the 'ebuseremailverify' function. This makes it possible for...

9.8CVSS5.9AI score0.00902EPSS
Exploits0References1
NVD
NVD
added 2023/09/04 10:15 a.m.34 views

CVE-2023-39162

Unauth. Reflected Cross-Site Scripting XSS vulnerability in XLPlugins User Email Verification for WooCommerce plugin = 3.5.0 versions...

7.1CVSS6.3AI score0.00324EPSS
Exploits0References1
Prion
Prion
added 2023/09/04 10:15 a.m.20 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in XLPlugins User Email Verification for WooCommerce plugin = 3.5.0 versions...

5.8CVSS6AI score0.00324EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/09/04 9:46 a.m.42 views

CVE-2023-39162

CVE-2023-39162: Unauthenticated reflected XSS in XLPlugins User Email Verification for WooCommerce, versions

7.1CVSS6AI score0.00324EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/09/04 12:0 a.m.7 views

PT-2023-26817 · Xlplugins · Xlplugins User Email Verification For Woocommerce

Name of the Vulnerable Software and Affected Versions: XLPlugins User Email Verification for WooCommerce plugin versions = 3.5.0 Description: The issue is an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website,...

7.1CVSS6.4AI score0.00324EPSS
Exploits0References7
Patchstack
Patchstack
added 2023/07/26 12:0 a.m.15 views

WordPress User Email Verification for WooCommerce Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS)

Software User Email Verification for WooCommerce Type Plugin Vulnerable versions = 3.5.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-39162 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1c9649928e7b...

7.1CVSS5.7AI score0.00324EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/06/22 12:0 a.m.15 views

WordPress User Email Verification for WooCommerce Plugin <= 3.5.0 is vulnerable to Broken Authentication

Software User Email Verification for WooCommerce Type Plugin Vulnerable versions = 3.5.0 Fixed in N/A OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2023-2781 Patch priority Low CVSS severity Low 9.8 Developer Claim ownership PSID 9f959445cfce Credits Lana Cod...

9.8CVSS6.6AI score0.01172EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/06/03 12:15 a.m.23 views

Authentication flaw

The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication bypass via authenticateuserbyemail in versions up to, and including, 3.5.0. This is due to a random token generation weakness in the resendverificationemail function. This allows unauthenticated...

7.5CVSS9.5AI score0.01172EPSS
Exploits0References4Affected Software1
WPVulnDB
WPVulnDB
added 2023/06/02 12:0 a.m.17 views

User Email Verification for WooCommerce <= 3.5.0 - Authentication bypass via weak token generation

The plugin uses a weak random token when resending email address verifications, allowing an unauthenticated attacker to impersonate users and trigger an email address verification for arbitrary accounts, including administrative accounts. Furthermore, if the Allow Automatic Login After Successful...

9.8CVSS7.1AI score0.01172EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder