Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:24 a.m.6 views

CVE-2024-1697

The Custom WooCommerce Checkout Fields Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the savewcfeoptions function in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.8AI score0.0043EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:57 a.m.12 views

CVE-2024-33956

Missing Authorization vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0...

4.3CVSS5.2AI score0.00441EPSS
Exploits0References1
NVD
NVD
added 2024/05/14 3:38 p.m.23 views

CVE-2024-33956

Missing Authorization vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0...

4.3CVSS5.1AI score0.00441EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2024/04/03 12:0 a.m.18 views

Custom WooCommerce Checkout Fields Editor < 1.3.1 - Cross-Site Request Forgery

Description The Custom WooCommerce Checkout Fields Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.0. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated attackers to perform an unauthorized...

4.3CVSS6.5AI score0.00212EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/03/28 12:0 a.m.11 views

WordPress Custom WooCommerce Checkout Fields Editor Plugin <= 1.3.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Custom WooCommerce Checkout Fields Editor Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-30518 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1753adeaf82a...

4.3CVSS6.6AI score0.00212EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/03/23 2:15 a.m.22 views

CVE-2024-1697

The Custom WooCommerce Checkout Fields Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the savewcfeoptions function in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS5.7AI score0.0043EPSS
Exploits0References3
Rows per page
Query Builder