7 matches found
CVE-2025-66089
CVE-2025-66089 concerns the WebToffee Product Feed for WooCommerce plugin (Wordpress) versions up to and including 2.3.1, with a Missing Authorization vulnerability enabling exploitation of incorrectly configured access control. The CVSS v3.1 base score is 4.3 (Medium), and the exploit vector is ...
WordPress Product Feed for WooCommerce plugin <= 2.3.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Product Feed for WooCommerce versions = 2.3.1...
CVE-2025-49287 WordPress Product Feed for WooCommerce plugin <= 2.2.8 - Broken Access Control Vulnerability
Missing Authorization vulnerability in WebToffee Product Feed for WooCommerce webtoffee-product-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Feed for WooCommerce: from n/a through = 2.2.8...
CVE-2024-32087 WordPress Product Feed on WooCommerce for Google, Awin, Shareasale, Bing, and More plugin <= 3.5.7 - Auth. SQL Injection (SQLi) vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ExportFeed.Com Product Feed on WooCommerce for Google.This issue affects Product Feed on WooCommerce for Google: from n/a through 3.5.7...
WordPress Product Feed PRO for WooCommerce Plugin <= 13.2.5 is vulnerable to Cross Site Scripting (XSS)
Software Product Feed PRO for WooCommerce Type Plugin Vulnerable versions = 13.2.5 Fixed in 13.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-24800 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 937a0dd44e83 Credits Rafie Muhamma...
WordPress Product Feed Manager Plugin <= 2.2.7 is vulnerable to Cross Site Scripting (XSS)
Software Product Feed Manager Type Plugin Vulnerable versions = 2.2.7 Fixed in 3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer WPFunnels Team PSID 5d8a4ef78a56 Credits Rafie Muhammad Patchstack Required...
WordPress Product Feed PRO for WooCommerce plugin <= 11.0.6 - Settings Update to Stored Cross-Site Scripting (XSS) vulnerability
Settings Update to Stored Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress Product Feed PRO for WooCommerce plugin versions = 11.0.6. Solution Update the WordPress Product Feed PRO for WooCommerce plugin to the latest available version at least 11.0.7...