Wp Customer Area Security Vulnerabilities and Issues — Wp Customer Area CVE List

Lucene search

MarvinlabsWp Customer Area

3 matches found

CVE•added 2019/08/20 4:15 p.m.•38 views

CVE-2017-18519

The customer-area plugin before 7.4.3 for WordPress has XSS via admin pages.

6.1CVSS6AI score0.0021EPSS

CVE•added 2024/01/16 4:15 p.m.•36 views

CVE-2023-6824

The WP Customer Area WordPress plugin before 8.2.1 does not properly validates user capabilities in some of its AJAX actions, allowing any users to retrieve other user's account address.

6.5CVSS6.4AI score0.00515EPSS

CVE•added 2024/01/24 8:15 a.m.•31 views

CVE-2024-0665

The WP Customer Area plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 8.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scri...

6.1CVSS6.4AI score0.00656EPSS