8 matches found
EUVD-2023-38139
Malicious code in bioql PyPI...
EUVD-2023-41747
Malicious code in bioql PyPI...
EUVD-2023-40463
Malicious code in bioql PyPI...
CVE-2024-9237
The Fish and Ships – Most flexible shipping table rate. A WooCommerce shipping rate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.5.9. This makes it possible for...
CVE-2023-34015
Cross-Site Request Forgery CSRF vulnerability in PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping plugin = 1.6.4.4 versions...
CVE-2025-30898
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mahdi Yousefi MahdiY افزونه حمل و نقل ووکامرس پست پیشتاز و سفارشی، پیک موتوری persian-woocommerce-shipping allows Stored XSS.This issue affects افزونه حمل و نقل ووکامرس پست پیشتاز و سفارشی، پیک...
CVE-2023-34015
Cross-Site Request Forgery CSRF vulnerability in PI Websolution Conditional shipping & Advanced Flat rate shipping rates / Flexible shipping for WooCommerce shipping plugin = 1.6.4.4 versions...
CVE-2022-4000
The WooCommerce Shipping WordPress plugin through 1.2.11 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...