Husky - Products Filter Professional For Woocommerce Security Vulnerabilities
The Active Products Tables for WooCommerce. Professional products tables for WooCommerce store WordPress plugin before 1.0.5 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a...
6.1CVSS
6.1AI Score
0.001EPSS
The HUSKY WordPress plugin before 1.3.2 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.
7.2CVSS
7AI Score
0.001EPSS
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in realmag777 HUSKY β Products Filter for WooCommerce Professional.This issue affects HUSKY β Products Filter for WooCommerce Professional: from n/a through 1.3.4.2.
9.8CVSS
9.8AI Score
0.001EPSS
The HUSKY β Products Filter for WooCommerce Professional plugin for WordPress is vulnerable to SQL Injection via the 'name' parameter in the woof shortcode in all versions up to, and including, 1.3.5.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on...
8.8CVSS
9.2AI Score
0.0004EPSS
The HUSKY β Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.5.2 via the 'type' parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to include and e...
7.2CVSS
9.5AI Score
0.0004EPSS
The HUSKY β Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the βwoof_authorβ parameter in all versions up to, and including, 1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the e...
9.8CVSS
9.7AI Score
0.001EPSS