Lucene search

Side Cart Woocommerce Security Vulnerabilities

cve

CVE-2022-0215

The Login/Signup Popup, Waitlist Woocommerce ( Back in stock notifier ), and Side Cart Woocommerce (Ajax) WordPress plugins by XootiX are vulnerable to Cross-Site Request Forgery via the save_settings function found in the ~/includes/xoo-framework/admin/class-xoo-admin-settings.php file which makes...

8.8CVSS

8.4AI Score

0.005EPSS

2022-01-18 05:15 PM

cve

CVE-2022-45376

Cross-Site Request Forgery (CSRF) vulnerability in XootiX Side Cart Woocommerce (Ajax) < 2.1 versions.

8.8CVSS

8.8AI Score

0.001EPSS

2023-05-22 10:15 AM

cve

CVE-2023-28415

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in XootiX Side Cart Woocommerce (Ajax) plugin <= 2.2 versions.

5.9CVSS

4.8AI Score

0.001EPSS

2023-08-30 04:15 PM

cve

CVE-2024-5324

The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'import_settings' function in versions 2.7.1 to 2.7.2. This makes it possible for authenticated attackers, with Subscriber-level acce...

8.8CVSS

8.2AI Score

0.001EPSS

2024-06-06 02:15 AM