23 matches found
CVE-2026-1852
The Product Pricing Table by WooBeWoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the updateLabel and remove functions. This makes it possible for unauthenticated attackers to...
CVE-2026-1852 Product Pricing Table by WooBeWoo <= 1.1.0 - Cross-Site Request Forgery to Stored XSS and Pricing Table Deletion
The Product Pricing Table by WooBeWoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the updateLabel and remove functions. This makes it possible for unauthenticated attackers to...
CVE-2026-1852
Summary: CVE-2026-1852 affects the Product Pricing Table by WooBeWoo WordPress plugin. It is a Cross-Site Request Forgery (CSRF) vulnerability with stored XSS implications due to missing/incorrect nonce validation on the updateLabel() and remove() functions, in all versions up to 1.1.0. This allo...
PT-2026-33055
Name of the Vulnerable Software and Affected Versions Product Pricing Table by WooBeWoo versions prior to 1.1.1 Description The Product Pricing Table by WooBeWoo plugin for WordPress is susceptible to Cross-Site Request Forgery. This issue occurs because of missing or incorrect nonce validation i...
CVE-2023-50877
Missing Authorization vulnerability in woobewoo Product Filter by WBW allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Filter by WBW: from n/a through 2.5.0...
EUVD-2025-25963
Malicious code in bioql PyPI...
EUVD-2023-55610
Malicious code in bioql PyPI...
EUVD-2025-17496
Malicious code in bioql PyPI...
EUVD-2024-43543
Malicious code in bioql PyPI...
CVE-2025-39496
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WBW WooBeWoo Product Filter Pro allows SQL Injection.This issue affects WooBeWoo Product Filter Pro: from n/a before 2.9.6...
WordPress plugin和WordPress SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...
CVE-2025-31059
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in woobewoo WBW Product Table PRO woo-producttables-pro allows SQL Injection.This issue affects WBW Product Table PRO: from n/a through = 2.2.6...
PT-2025-24480 · Woobewoo · Wbw Product Table Pro
Name of the Vulnerable Software and Affected Versions: woobewoo WBW Product Table PRO versions 2.1.3 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
WordPress WooBeWoo Product Filter Pro plugin < 2.9.6 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin WooBeWoo Product Filter Pro versions 2.9.6...
CVE-2023-50877
Missing Authorization vulnerability in woobewoo Product Filter by WBW allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Filter by WBW: from n/a through 2.5.0...
PT-2024-13988 · Wbw · Woobewoo Product Filter
Name of the Vulnerable Software and Affected Versions: woobewoo Product Filter by WBW versions 2.5.0 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions...
CVE-2024-49691
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WBW Plugins Product Filter by WBW woo-product-filter allows SQL Injection.This issue affects Product Filter by WBW: from n/a through = 2.7.0...
CVE-2024-49691
CVE-2024-49691 — WordPress Product Filter by WBW (Woo Product Filter) plugin affected versions
CVE-2024-49691 WordPress Product Filter by WBW plugin <= 2.7.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WBW Plugins Product Filter by WBW woo-product-filter allows SQL Injection.This issue affects Product Filter by WBW: from n/a through = 2.7.0...
CVE-2021-4444
Affected software: Product Filter by WooBeWoo plugin for WordPress (versions up to 1.4.9). Issue: authorization bypass due to missing authorization checks on various functions, enabling unauthenticated attackers to perform unauthorized actions (e.g., creating new filters) and inject malicious Jav...