4 matches found
EUVD-2025-4852
Malicious code in bioql PyPI...
CVE-2024-13540 WooODT Lite – Delivery & pickup date time location for WooCommerce <= 2.5.1 - Unauthenticated Full Path Dsiclosure
The WooODT Lite – Delivery & pickup date time location for WooCommerce plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.5.1. This is due the /inc/bycwooodtgetallorders.php file being publicly accessible and generating a publicly visible error...
Exploit for CVE-2023-47179
CVE-2023-47179 WooODT Lite = 2.4.6 - Missing Authorization...
WordPress WooODT Lite Plugin <= 2.4.7 is vulnerable to Cross Site Scripting (XSS)
Software WooODT Lite Type Plugin Vulnerable versions = 2.4.7 Fixed in 2.4.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-45006 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4ca8f692a25b Credits Le Ngoc Anh Required...