2 matches found
CVE-2022-40700
CVE-2022-40700 is an SSRF vulnerability reported against Montonio for WooCommerce and a range of WordPress plugins/themes. Affected versions include Montonio for WooCommerce up to 6.0.1 (patched in 6.0.2) and other listed plugins up to their indicated versions; several references confirm SSRF as ...
CVE-2017-18598
CVE-2017-18598 : WordPress Qards plugin (through 2017-10-11) contains a cross-site scripting vulnerability in html2canvasproxy.php where a remote document is specified via the URL parameter. Exploitation could allow an attacker to inject scripts into pages viewed by users, potentially stealing da...