Lucene search
K
WpfactoryEan For Woocommerce

4 matches found

CVE
CVE
added 2024/04/18 11:5 a.m.73 views

CVE-2023-6897

CVE-2023-6897 affects the EAN, UPC, ISBN Generator: Product Barcode Inventory for WooCommerce plugin (EAN for WooCommerce) for WordPress. The Red Hat entry confirms an Insecure Direct Object Reference in all versions up to 4.9.2 via the shortcode alg_wc_ean_product_meta, caused by missing validat...

4.3CVSS6.2AI score0.00375EPSS
CVE
CVE
added 2023/02/06 7:59 p.m.67 views

CVE-2023-0062

CVE-2023-0062 affects the WordPress plugin “EAN for WooCommerce” prior to version 4.4.3. The vulnerability arises because the plugin does not validate and escape certain shortcode attributes before echoing them on pages/posts containing the shortcode, enabling stored XSS for users with the Contri...

5.4CVSS5.3AI score0.00573EPSS
CVE
CVE
added 2024/05/17 8:12 a.m.63 views

CVE-2024-34370

CVE-2024-34370 refers to an Improper Privilege Management vulnerability in the WPFactory EAN for WooCommerce plugin, affecting EAN for WooCommerce versions up to 4.8.9. The issue enables Privilege Escalation via Arbitrary Updates to options, with CVSSv3.1 metrics indicating Network attack vector,...

7.2CVSS6.8AI score0.01095EPSS
CVE
CVE
added 2024/04/18 11:5 a.m.62 views

CVE-2023-6892

CVE-2023-6892 affects the EAN, UPC, ISBN Generator: Product Barcode Inventory for WooCommerce (EAN for WooCommerce) WordPress plugin. It is a Stored Cross-Site Scripting vulnerability exploitable via the alg_wc_ean_product_meta shortcode, in all versions up to and including 4.8.7, due to insuffic...

6.4CVSS5.7AI score0.0032EPSS