10 matches found
EUVD-2022-15545
Malicious code in bioql PyPI...
CVE-2025-7654
Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wfgetcookie shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including authentication cookies of other site users, which may make...
WordPress Woocommerce Automatic Order Printing plugin <= 4.1 - Insecure Direct Object Reference to Authenticated (Subscriber+) Order Information Disclosure vulnerability
Insecure Direct Object Reference to Authenticated (Subscriber+) Order Information Disclosure vulnerability discovered by Lucio Sá in WordPress Plugin Woocommerce Automatic Order Printing versions <= 4.1...
CVE-2024-48047 WordPress Linked Variation for WooCommerce plugin <= 1.0.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Razon Komar Pal Linked Variation for WooCommerce linked-variation-for-woocommerce allows Cross Site Request Forgery. This issue affects Linked Variation for WooCommerce: from n/a through <= 1.0.5...
WordPress WooCommerce Plugin <= 9.0.2 is vulnerable to Content Injection
Software: WooCommerce; Type: Plugin; Vulnerable versions: <= 9.0.2; Fixed in: 9.1.0; OWASP Top 10: A3: Injection; Classification: Content Injection; CVE: CVE-2024-9944; Patch priority: Low; CVSS severity: Low (5.3); PSID: b045fb73bcc4; Credits: drop; Required privilege: Unauthenticated; Published ...
WordPress Products, Order & Customers Export for WooCommerce Plugin <= 2.0.11 is vulnerable to Cross Site Scripting (XSS)
Software: Products, Order & Customers Export for WooCommerce; Type: Plugin; Vulnerable versions: <= 2.0.11; Fixed in: 2.0.12; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-43127; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 0c64f76a48fe...
CVE-2023-34170
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP Overnight Quick/Bulk Order Form for WooCommerce plugin <= 3.5.7 versions...
WordPress Direct checkout, Add to cart redirect for Woocommerce Plugin <= 2.1.48 is vulnerable to Cross Site Scripting (XSS)
Software: Direct checkout, Add to cart redirect for Woocommerce; Type: Plugin; Vulnerable versions: <= 2.1.48; Fixed in: 2.1.49; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-28988; Patch priority: Low; CVSS severity: Low (5.9); PSID...
Discount Rules for WooCommerce Plugin for WordPress < 2.1.0 Multiple Vulnerabilities
The WordPress Discount Rules for WooCommerce Plugin installed on the remote host is affected by SQL injection and unauthenticated stored Cross-Site Scripting (XSS) vulnerabilities. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported...
WordPress WooCommerce Plugin Crafted Order < 2.3.6 XSS Vulnerability
The WordPress plugin Copyright (C) 2018 Greenbone Networks GmbH. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can redistribute it and/or modify it...