Lucene search
K
PluginusBear - Woocommerce Bulk Editor And Products Manager Professional

18 matches found

CVE
CVE
added 2024/03/29 4:22 p.m.76 views

CVE-2024-30463

Technical details about CVE-2024-30463 (BEAR missing authorization) are not provided in the supplied documents. No product version, attack vector, impact, or fix is confirmed here. Monitor official advisories for updates and remediation guidance.

5.3CVSS8.6AI score0.00361EPSS
CVE
CVE
added 2024/03/28 5:9 a.m.74 views

CVE-2024-30200

The CVE-2024-30200 entry describes a Reflected Cross-Site Scripting (XSS) vulnerability in the WordPress BEAR plugin (BEAR – Bulk Editor and Products Manager) by Pluginus.Net, affecting versions up to and including 1.1.4.2. The issue arises from insufficient input sanitization and output escaping...

7.1CVSS5.2AI score0.00372EPSS
CVE
CVE
added 2024/04/10 7:10 p.m.71 views

CVE-2024-31430

CSRF vulnerability (CVE-2024-31430) exists in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional and BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net . Affected range per Red Hat entry: WOLF up to 1.0.8.1 and BEAR up to 1.1.4.1. This issue i...

8.8CVSS5.1AI score0.00224EPSS
CVE
CVE
added 2025/02/17 11:38 a.m.70 views

CVE-2025-26775

CVE-2025-26775 concerns the BEAR WordPress plugin (BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net). The connected data confirms an authenticated (Administrator+) Stored Cross-Site Scripting (XSS) vulnerability in BEAR versions up to 1.1.4.4, triggered during ...

5.9CVSS7.2AI score0.0023EPSS
CVE
CVE
added 2024/03/23 2:48 p.m.68 views

CVE-2024-24835

CVE-2024-24835 affects BEAR (WordPress BEAR plugin) up to version 1.1.4, with a Missing Authorization vulnerability due to insufficient permission checks in several functions. The issue allows authenticated users with subscriber-level access or higher to perform unauthorized actions on BEAR. The ...

6.5CVSS8.6AI score0.00382EPSS
CVE
CVE
added 2023/10/18 7:31 a.m.64 views

CVE-2023-4938

CVE-2023-4938 concerns the BEAR – Bulk Editor and Products Manager Professional for WooCommerce plugin for WordPress. Affected versions are up to and including 1.1.3.3, due to a missing capability check in the function woobe_bulkoperations_apply_default_combination, enabling authenticated users w...

4.3CVSS4.3AI score0.00431EPSS
CVE
CVE
added 2023/10/20 7:29 a.m.63 views

CVE-2023-4924

CVE-2023-4924 affects BEAR – Bulk Editor and Products Manager Pro for WooCommerce (Pluginus.Net). Versions up to 1.1.3.3 are vulnerable due to missing capability checks in woobe_bulkoperations_delete, enabling authenticated users with subscriber access or higher to delete products. Red Hat/NVD/Wo...

5.4CVSS4.3AI score0.00273EPSS
CVE
CVE
added 2023/10/20 7:29 a.m.55 views

CVE-2023-4941

CVE-2023-4941 concerns BEAR – Bulk Editor and Products Manager for WooCommerce (WordPress plugin) up to version 1.1.3.3. The Red Hat/NVD/Wordfence entries describe a Missing Authorization flaw caused by a missing capability check in the woobe_bulkoperations_swap function, enabling authenticated u...

4.3CVSS4.3AI score0.00479EPSS
CVE
CVE
added 2023/10/20 7:29 a.m.53 views

CVE-2023-4923

The BEAR for WordPress plugin (WooCommerce Bulk Editor by PluginUS.Net) is affected by CVE-2023-4923: Cross-Site Request Forgery to delete a product via the woobe_bulkoperations_delete function. Version range vulnerable: up to and including 1.1.3.3. The issue arises from missing/incorrect nonce v...

5.4CVSS4.4AI score0.00288EPSS
CVE
CVE
added 2023/10/20 7:29 a.m.49 views

CVE-2023-4926

CVE-2023-4926 – BEAR for WordPress CSRF to Product Deletion : The BEAR plugin for WooCommerce (Pluginus.Net) is affected by a Cross-Site Request Forgery flaw in versions up to 1.1.3.3, caused by missing or incorrect nonce validation in the woobe_bulk_delete_products function. This can allow an un...

5.4CVSS4.4AI score0.00288EPSS
CVE
CVE
added 2024/02/08 1:13 p.m.47 views

CVE-2024-24834

CVE-2024-24834 affects BEAR – Bulk Editor and Products Manager Professional for WooCommerce (Pluginus.Net) up to version 1.1.4. Root cause: improper input neutralization during web page generation, resulting in Stored XSS. Public data from Patchstack and CVE records indicate the vulnerability exi...

5.9CVSS6.5AI score0.00316EPSS
CVE
CVE
added 2023/10/20 6:35 a.m.46 views

CVE-2023-4935

CVE-2023-4935 (BEAR – Bulk Editor and Products Manager Professional for WooCommerce) : The BEAR WordPress plugin is vulnerable to Cross-Site Request Forgery up to version 1.1.3.3 due to missing/incorrect nonce validation in the create_profile function, allowing unauthenticated attackers to create...

4.3CVSS4.5AI score0.0028EPSS
CVE
CVE
added 2023/10/20 6:35 a.m.46 views

CVE-2023-4942

CVE-2023-4942 (BEAR – Bulk Editor and Products Manager for WooCommerce) is a CSRF vulnerability in BEAR for WordPress up to version 1.1.3.3, caused by missing or incorrect nonce validation in the woobe_bulkoperations_visibility function. This allows unauthenticated attackers to manipulate product...

4.3CVSS4.4AI score0.0029EPSS
CVE
CVE
added 2023/10/20 6:35 a.m.44 views

CVE-2023-4920

CVE-2023-4920 relates to the BEAR – Bulk Editor and Products Manager Professional for WooCommerce WordPress plugin. A CSRF flaw exists in versions up to and including 1.1.3.3 due to missing/incorrect nonce validation in woobe_save_options, enabling unauthenticated attackers to modify plugin setti...

8.8CVSS8.5AI score0.00317EPSS
CVE
CVE
added 2023/10/20 6:35 a.m.43 views

CVE-2023-4943

CVE-2023-4943 : BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net is affected by Missing Authorization to Product Manipulation up to version 1.1.3.3 due to a missing capability check in woobe_bulkoperations_visibility. The vulnerability allows authenticated user...

4.3CVSS4.3AI score0.00483EPSS
CVE
CVE
added 2023/05/28 5:29 p.m.41 views

CVE-2023-33314

CVE-2023-33314 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress BEAR plugin (realmag777) version(s) <= 1.1.3.1. The linked PatchStack entry identifies the vulnerable product and versions and notes a fixed release in 1.1.3.2. Other connected documents corroborate the...

8.8CVSS7AI score0.003EPSS
CVE
CVE
added 2023/10/20 6:35 a.m.41 views

CVE-2023-4937

CVE-2023-4937 relates to BEAR – Bulk Editor and Products Manager Professional for WooCommerce (WordPress plugin). The Red Hat entry mirrors the vulnerability: CSRF in BEAR up to version 1.1.3.3 caused by missing or incorrect nonce validation in the function woobe_bulkoperations_apply_default_comb...

4.3CVSS4.4AI score0.0028EPSS
CVE
CVE
added 2023/10/20 6:35 a.m.39 views

CVE-2023-4940

CVE-2023-4940 : BEAR for WordPress (WooCommerce) is affected by CSRF up to version 1.1.3.3 due to missing/incorrect nonce validation in the woobe_bulkoperations_swap function. This allows unauthenticated attackers to manipulate products if a site admin is tricked into performing an action (e.g., ...

4.3CVSS4.4AI score0.00286EPSS