Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:0 a.m.8 views

CVE-2024-29112

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Marketing Robot WooCommerce Google Feed Manager allows Stored XSS.This issue affects WooCommerce Google Feed Manager: from n/a through 2.2.0...

5.9CVSS8.6AI score0.00356EPSS
Exploits0References1
NVD
NVD
added 2024/08/23 5:15 a.m.13 views

CVE-2024-7258

The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wppfmremoveFeedFile' function in all versions up to, and including, 2.8.0. This makes it possible for authenticated attackers, with Contributor-level acces...

8.8CVSS0.00775EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/08/23 12:0 a.m.10 views

WordPress WooCommerce Google Feed Manager Plugin <= 2.8.0 is vulnerable to Arbitrary File Deletion

Software WooCommerce Google Feed Manager Type Plugin Vulnerable versions = 2.8.0 Fixed in 2.9.0 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Deletion CVE CVE-2024-7258 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID b704b4dc18ba Credits Lucio ...

8.8CVSS6.5AI score0.00775EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/08/23 12:0 a.m.6 views

WordPress WooCommerce Google Feed Manager Plugin <= 2.8.0 is vulnerable to Broken Access Control

Software WooCommerce Google Feed Manager Type Plugin Vulnerable versions = 2.8.0 Fixed in 2.9.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID edc9e66e9cf4 Credits Lucio Sá Required...

6.9AI score
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/04/16 12:51 p.m.30 views

CVE-2024-3067 WooCommerce Google Feed Manager <= 2.4.2 - Authenticated (Admin+) SQL Injection to Reflected Cross-Site Scripting

The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possib...

7.2CVSS7.3AI score0.00684EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/16 12:0 a.m.3 views

PT-2024-23555 · WordPress · Woocommerce Google Feed Manager

Name of the Vulnerable Software and Affected Versions: WooCommerce Google Feed Manager plugin for WordPress versions up to, and including, 2.4.2 Description: The issue allows for SQL Injection via the id parameter due to insufficient escaping on the user-supplied parameter and lack of sufficient...

7.2CVSS7.5AI score0.00684EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/03/16 12:0 a.m.12 views

WordPress WooCommerce Google Feed Manager Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Google Feed Manager Type Plugin Vulnerable versions = 2.2.0 Fixed in 2.3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29112 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a47ab0c3a92d Credits Joshua Chan Required...

5.9CVSS6.5AI score0.00356EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder