42 matches found
CVE-2024-30485
Missing Authorization vulnerability in XLPlugins Finale Lite.This issue affects Finale Lite: from n/a through 2.18.0...
CVE-2024-25092
Missing Authorization vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.17.0...
CVE-2024-25092
Missing Authorization vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.17.0...
CVE-2024-30485 WordPress Finale Lite plugin <= 2.18.0 - Subscriber+ Arbitrary Plugin Installation/Activation vulnerability
Missing Authorization vulnerability in XLPlugins Finale Lite.This issue affects Finale Lite: from n/a through 2.18.0...
CVE-2024-30485 WordPress Finale Lite plugin <= 2.18.0 - Subscriber+ Arbitrary Plugin Installation/Activation vulnerability
Missing Authorization vulnerability in XLPlugins Finale Lite.This issue affects Finale Lite: from n/a through 2.18.0...
CVE-2024-30485
CVE-2024-30485 corresponds to a Missing Authorization vulnerability in the WordPress plugin Finale Lite. The record notes affected versions “through 2.18.0” and indicates a proof-of-concept/exploitation path exists that can allow an attacker to install and activate arbitrary plugins, as seen in c...
CVE-2024-32104
Cross-Site Request Forgery CSRF vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.18.1...
CVE-2024-32104
Cross-Site Request Forgery CSRF vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.18.1...
CVE-2024-32104 WordPress NextMove Lite plugin <= 2.18.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.18.1...
CVE-2024-32104 WordPress NextMove Lite plugin <= 2.18.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.18.1...
CVE-2024-32104
CVE-2024-32104 is a CSRF vulnerability affecting XLPlugins NextMove Lite (NextMove Lite: n/a through 2.18.1). The embedded CVSS details show the attack vector as Network, no confidentiality impact, low integrity impact, and no availability impact, with user interaction required and no privileges ...
CVE-2024-32107
Cross-Site Request Forgery CSRF vulnerability in XLPlugins Finale Lite.This issue affects Finale Lite: from n/a through 2.18.0...
CVE-2024-32107
Cross-Site Request Forgery CSRF vulnerability in XLPlugins Finale Lite.This issue affects Finale Lite: from n/a through 2.18.0...
CVE-2024-32107 WordPress Finale Lite plugin <= 2.18.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in XLPlugins Finale Lite.This issue affects Finale Lite: from n/a through 2.18.0...
CVE-2024-32107
CVE-2024-32107 is a CSRF vulnerability in Finale Lite – Sales Countdown Timer & Discount for WooCommerce (Finale Lite) affecting versions up to 2.18.0. The issue has a CVSS v3.1 base score of 4.3 (Medium) with network attack vector, low attack complexity, and user interaction required. Remediatio...
PT-2024-24413
Name of the Vulnerable Software and Affected Versions XLPlugins Finale Lite versions 2.18.0 and earlier Description The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application...
CVE-2023-39162
Unauth. Reflected Cross-Site Scripting XSS vulnerability in XLPlugins User Email Verification for WooCommerce plugin = 3.5.0 versions...
CVE-2023-39162
Unauth. Reflected Cross-Site Scripting XSS vulnerability in XLPlugins User Email Verification for WooCommerce plugin = 3.5.0 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in XLPlugins User Email Verification for WooCommerce plugin = 3.5.0 versions...
CVE-2023-39162 WordPress User Email Verification for WooCommerce Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in XLPlugins User Email Verification for WooCommerce plugin = 3.5.0 versions...