6 matches found
CVE-2025-39472
Cross-Site Request Forgery CSRF vulnerability in wpweb WooCommerce Social Login woo-social-login allows Cross Site Request Forgery.This issue affects WooCommerce Social Login: from n/a through 2.8.3...
CVE-2025-39472
Cross-Site Request Forgery CSRF vulnerability in wpweb WooCommerce Social Login woo-social-login allows Cross Site Request Forgery.This issue affects WooCommerce Social Login: from n/a through 2.8.3...
CVE-2024-56265
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpweb WooCommerce PDF Vouchers woocommerce-pdf-vouchers allows Reflected XSS.This issue affects WooCommerce PDF Vouchers: from n/a through 4.9.9...
CVE-2024-56265
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpweb WooCommerce PDF Vouchers woocommerce-pdf-vouchers allows Reflected XSS.This issue affects WooCommerce PDF Vouchers: from n/a through 4.9.9...
CVE-2024-39651
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WPWeb WooCommerce PDF Vouchers allows File Manipulation.This issue affects WooCommerce PDF Vouchers: from n/a before 4.9.5...
CVE-2024-39651
CVE-2024-39651 affects the WooCommerce PDF Vouchers WordPress plugin (versions before 4.9.5). It allows unauthenticated Arbitrary File Deletion due to a path traversal flaw. Patch: upgrade to 4.9.5 or later. CVSS reported: high, with network attack feasibility and no user interaction necessary. R...