6 matches found
EUVD-2024-50528
Malicious code in bioql PyPI...
CVE-2024-12004
The WPC Order Notes for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.2. This is due to missing or incorrect nonce validation on the ajaxupdateordernote function. This makes it possible for unauthenticated attackers to injec...
CVE-2024-12004
The WPC Order Notes for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.2. This is due to missing or incorrect nonce validation on the ajaxupdateordernote function. This makes it possible for unauthenticated attackers to injec...
CVE-2024-12004
CVE-2024-12004 affects WPC Order Notes for WooCommerce (WordPress). The issue is Cross-Site Request Forgery due to missing/incorrect nonce validation in ajax_update_order_note(), enabling unauthenticated attackers to induce an admin action that could inject script. The CVE is considered active pe...
CVE-2024-12004 WPC Order Notes for WooCommerce <= 1.5.2 - Cross-Site Request Forgery to Reflected Cross-Site Scripting
The WPC Order Notes for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.2. This is due to missing or incorrect nonce validation on the ajaxupdateordernote function. This makes it possible for unauthenticated attackers to injec...
WordPress WPC Order Notes for WooCommerce plugin <= 1.5.2 - Cross-Site Request Forgery to Reflected Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin WPC Order Notes for WooCommerce versions = 1.5.2...