3 matches found
EUVD-2026-20453
WCAPF – WooCommerce Ajax Product Filter plugin is vulnerable to time-based SQL Injection via the 'post-author' parameter in all versions up to, and including, 4.2.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes...
PT-2026-31296
Name of the Vulnerable Software and Affected Versions WCAPF – WooCommerce Ajax Product Filter versions up to and including 4.2.3 Description The WooCommerce Ajax Product Filter plugin is susceptible to time-based SQL Injection through the post-author parameter. Insufficient input sanitization and...
Pydio 跨站脚本漏洞
Pydio AjaXplorer is a web-based remote file manager from Pydio. The manager supports uploading and downloading files, online file editing, image previewing, and more. A security vulnerability exists in Pydio version 4.2.3, which can be exploited by an attacker to cause a cross-site scripting...