EUVD-2024-52446

Malicious code in bioql PyPI...

EUVD-2023-55635

Malicious code in bioql PyPI...

CVE-2024-54323

Missing Authorization vulnerability in Saad Iqbal New User Approve new-user-approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n/a through = 2.6.2...

CVE-2023-50902

Cross-Site Request Forgery CSRF vulnerability in WPExpertsio New User Approve.This issue affects New User Approve: from n/a through 2.5.1...

CVE-2022-47182

Missing Authorization vulnerability in Wpexpertsio APIExperts Square for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects APIExperts Square for WooCommerce: from n/a through 4.4.1...

CVE-2024-27959

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wpexpertsio WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management allows Reflected XSS.This issue affects WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop...

CVE-2024-54323

Missing Authorization vulnerability in Saad Iqbal New User Approve new-user-approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n/a through = 2.6.2...

CVE-2022-47182

Missing Authorization vulnerability in Wpexpertsio APIExperts Square for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects APIExperts Square for WooCommerce: from n/a through 4.4.1...

CVE-2024-54323 WordPress New User Approve plugin <= 2.6.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPExpertsio New User Approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n/a through 2.6.2...

CVE-2024-54323

CVE-2024-54323 affects the WordPress plugin New User Approve (WPExpertsio) with builds up to 2.6.2. The Connected documents confirm a Missing Authorization vulnerability in the plugin’s access control, enabling an actor without proper privileges to influence the New User Approve workflow. Public ...

CVE-2022-47182

CVE-2022-47182 : WordPress plugin APIExperts Square for WooCommerce (affected versions:

CVE-2024-47338

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saad Iqbal WPExperts Square For GiveWP wpexperts-square-for-give allows SQL Injection.This issue affects WPExperts Square For GiveWP: from n/a through = 1.3...

CVE-2024-27959

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wpexpertsio WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management allows Reflected XSS.This issue affects WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop...

CVE-2024-27959

CVE-2024-27959 — Affected: WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management. Root cause: Improper neutralization of input during web page generation, enabling a reflected XSS. Affected versions: up to 4.2.9 (n/a through 4.2.9). Status: The vulnerability has been report...

PT-2024-22163 · Wpexpertsio · Wpexpertsio Wc Shop Sync

Name of the Vulnerable Software and Affected Versions: Wpexpertsio WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management versions n/a through 4.2.9 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site...

CVE-2023-50902

Cross-Site Request Forgery CSRF vulnerability in WPExpertsio New User Approve.This issue affects New User Approve: from n/a through 2.5.1...

CVE-2023-50902

Cross-Site Request Forgery CSRF vulnerability in WPExpertsio New User Approve.This issue affects New User Approve: from n/a through 2.5.1...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in WPExpertsio New User Approve.This issue affects New User Approve: from n/a through 2.5.1...

CVE-2023-50902

CVE-2023-50902 is a CSRF vulnerability in the WordPress plugin New User Approve (WP-Plugins). The CVE affects New User Approve up to version 2.5.1 and is described as Cross-Site Request Forgery via the admin_notices pathway. The issue is documented with an in-scope remediation: upgrade to a patch...

CVE-2023-49842

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpexpertsio Rocket Maintenance Mode & Coming Soon Page allows Stored XSS.This issue affects Rocket Maintenance Mode & Coming Soon Page: from n/a through 4.3...