Ean For Woocommerce Security Vulnerabilities and Issues — Ean For Woocommerce CVE List

Lucene search

WpfactoryEan For Woocommerce

3 matches found

CVE•added 2024/04/18 11:15 a.m.•60 views

CVE-2023-6897

The EAN for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.9.2 via the the 'alg_wc_ean_product_meta' shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with con...

4.3CVSS6.2AI score0.00153EPSS

CVE•added 2024/04/18 11:15 a.m.•49 views

CVE-2023-6892

The EAN for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'alg_wc_ean_product_meta' shortcode in all versions up to, and including, 4.8.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

6.4CVSS5.7AI score0.00098EPSS

CVE•added 2024/05/17 9:15 a.m.•47 views

CVE-2024-34370

Improper Privilege Management vulnerability in WPFactory EAN for WooCommerce allows Privilege Escalation.This issue affects EAN for WooCommerce: from n/a through 4.8.9.

7.2CVSS6.8AI score0.05136EPSS