Wordpress Currency Switcher Professional Security Vulnerabilities and Issues — Wordpress Currency Switcher Professional CVE List

PluginusWordpress Currency Switcher Professional

3 matches found

CVE•added 2023/06/09 5:33 a.m.•46 views

CVE-2023-2555

CVE-2023-2555 affects the WPCS – WordPress Currency Switcher Professional plugin for WordPress. The issue arises from a missing capability check on the create function in versions up to and including 1.1.9, enabling authenticated attackers with subscriber-level permissions and above to create a c...

4.3CVSS5.2AI score0.00077EPSS

CVE•added 2023/06/09 5:33 a.m.•35 views

CVE-2023-2557

CVE-2023-2557 concerns the WPCS – WordPress Currency Switcher Professional plugin. The vulnerability is a missing capability check on the save function, allowing authenticated attackers with subscriber-level permissions or higher to modify an arbitrary custom drop-down currency switcher. Affected...

4.3CVSS5.3AI score0.00077EPSS

CVE•added 2023/06/09 5:33 a.m.•33 views

CVE-2023-2558

CVE-2023-2558 affects the WPCS – WordPress Currency Switcher Professional plugin for WordPress. It is a stored Cross‑Site Scripting (XSS) vulnerability in the wpcs_current_currency shortcode, caused by insufficient input sanitization and output escaping on user-supplied attributes. Affected versi...

6.4CVSS5.6AI score0.00109EPSS