40 matches found
EUVD-2026-27167
The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest waitlist verification flow not invalidating or regenerating verification tokens when the customer email address is changed. This makes it possible...
CVE-2026-5722
The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest waitlist verification flow not invalidating or regenerating verification tokens when the customer email address is changed. This makes it possible...
CVE-2026-5722 MoreConvert Pro <= 1.9.14 - Authentication Bypass via Waitlist Guest Verification Token Reuse
The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest waitlist verification flow not invalidating or regenerating verification tokens when the customer email address is changed. This makes it possible...
CVE-2026-5722
The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest waitlist verification flow not invalidating or regenerating verification tokens when the customer email address is changed. This makes it possible...
CVE-2026-5722
The CVE concerns the WordPress plugin MoreConvert Pro (versions up to and including 1.9.14). The vulnerability is an Authentication Bypass in the guest waitlist verification flow: tokens are not invalidated or regenerated when the customer email is changed, enabling unauthenticated attackers to a...
CVE-2026-5722 MoreConvert Pro <= 1.9.14 - Authentication Bypass via Waitlist Guest Verification Token Reuse
The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to the guest waitlist verification flow not invalidating or regenerating verification tokens when the customer email address is changed. This makes it possible...
PT-2026-36944
Name of the Vulnerable Software and Affected Versions MoreConvert Pro versions prior to 1.9.15 Description The MoreConvert Pro plugin for WordPress contains an authentication bypass flaw. The issue exists because the guest waitlist verification flow fails to invalidate or regenerate verification...
WordPress plugin MoreConvert Pro 授权问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Are we ready for ChatGPT Health?
How comfortable are you with sharing your medical history with an AI? I’m certainly not. OpenAI’s announcement about its new ChatGPT Health program prompted discussions about data privacy and how the company plans to keep the information users submit safe. ChatGPT Health is a dedicated “health...
EUVD-2024-40061
Malicious code in bioql PyPI...
CVE-2024-8724
The Waitlist Woocommerce Back in stock notifier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.7.5. This makes it possible for unauthenticated attackers to inject...
CVE-2023-36506 WordPress YITH WooCommerce Waitlist plugin <= 2.13.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in YITH YITH WooCommerce Waiting List allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH WooCommerce Waiting List: from n/a through 2.13.0...
CVE-2023-36506 WordPress YITH WooCommerce Waitlist plugin <= 2.13.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in YITHEMES YITH WooCommerce Waiting List yith-woocommerce-waiting-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH WooCommerce Waiting List: from n/a through = 2.13.0...
CVE-2024-43134
Missing Authorization vulnerability in xootix Waitlist Woocommerce Back in stock notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Waitlist Woocommerce Back in stock notifier : from n/a through 2.6...
CVE-2024-43134
CVE-2024-43134 concerns the Waitlist Woocommerce (Back in stock notifier) plugin. The vulnerability is described as Missing Authorization due to incorrectly configured access control, affecting plugin releases up to version 2.6 (vulnerable range shown as n/a–2.6). The CVSS Base Score is MEDIUM (4...
CVE-2024-43134 WordPress Waitlist Woocommerce plugin <= 2.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in xootix Waitlist Woocommerce Back in stock notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Waitlist Woocommerce Back in stock notifier : from n/a through 2.6...
CVE-2024-43134 WordPress Waitlist Woocommerce plugin <= 2.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in xootix Waitlist Woocommerce Back in stock notifier allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Waitlist Woocommerce Back in stock notifier : from n/a through 2.6...
PT-2024-30323 · WordPress · Waitlist Woocommerce
Name of the Vulnerable Software and Affected Versions: Waitlist Woocommerce Back in stock notifier versions n/a through 2.6 Description: The issue affects the Waitlist Woocommerce Back in stock notifier plugin due to a Missing Authorization vulnerability. This vulnerability allows exploitation of...
WordPress plugin Waitlist Woocommerce 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Waitlist Woocommerce ( Back in stock notifier ) plugin <= 2.7.5 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Waitlist Woocommerce Back in stock notifier versions = 2.7.5...