7 matches found
CVE-2025-13109
CVE-2025-13109 concerns the WordPress plugin HUSKY – Products Filter Professional for WooCommerce (versions
EUVD-2025-6801
Malicious code in bioql PyPI...
EUVD-2025-25162
Malicious code in bioql PyPI...
WordPress Ni WooCommerce Customer Product Report plugin <= 1.2.4 - Missing Authorization to Authenticated (Subscriber+) Settings Update vulnerability
Missing Authorization to Authenticated Subscriber+ Settings Update vulnerability discovered by ch4r0n in WordPress Plugin Ni WooCommerce Customer Product Report versions = 1.2.4...
WordPress WPC Smart Compare for WooCommerce plugin <= 6.4.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin WPC Smart Compare for WooCommerce versions = 6.4.7...
CVE-2025-26888 WordPress WooCommerce Multilingual & Multicurrency plugin <= 5.3.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Amir Helzer WooCommerce Multilingual & Multicurrency woocommerce-multilingual allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through = 5.3.8...
Metasploit Weekly Wrap-Up
Authentication bypass in Wordpress Plugin WooCommerce Payments This week's Metasploit release includes a module for CVE-2023-28121 by h00die. This module can be used against any wordpress instance that uses WooCommerce payments 5.6.1. This module exploits an auth by-pass vulnerability in the...