Cross-Site Request Forgery (CSRF) vulnerability in themelocation Remove Add to Cart WooCommerce plugin <= 1.4.4.
8.8CVSS
8.7AI Score
0.001EPSS
The Custom WooCommerce Checkout Fields Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the save_wcfe_options function in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacke...
6.4CVSS
7.6AI Score
0.0004EPSS
Cross-Site Request Forgery (CSRF) vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0.
4.3CVSS
9.2AI Score
0.0004EPSS
Missing Authorization vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0.
4.3CVSS
6.8AI Score
0.0004EPSS