2 matches found
CVE-2026-42738 WordPress Smart Online Order for Clover plugin <= 1.6.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Stored XSS.This issue affects Smart Online Order for Clover: from n/a through = 1.6.0...
PT-2024-38036 · WordPress · Smart Online Order For Clover
Name of the Vulnerable Software and Affected Versions: The Smart Online Order for Clover plugin for WordPress versions up to, and including, 1.5.6 Description: The issue allows authenticated attackers with Subscriber-level access and above to update product and category descriptions, category...