Finale@* Security Vulnerabilities and Issues — Finale@* CVE List

Lucene search

XlpluginsFinale*

3 matches found

CVE•added 2024/03/01 10:15 a.m.•73 views

CVE-2024-1120

The NextMove Lite – Thank You Page for WooCommerce and Finale Lite – Sales Countdown Timer & Discount for WooCommerce plugins for WordPress are vulnerable to unauthorized access of data due to a missing capability check on the download_tools_settings() function in all versions up to, and including,...

5.3CVSS5.4AI score0.00249EPSS

CVE•added 2024/06/09 11:15 a.m.•48 views

CVE-2024-30485

Missing Authorization vulnerability in XLPlugins Finale Lite.This issue affects Finale Lite: from n/a through 2.18.0.

8.8CVSS8.8AI score0.48974EPSS

CVE•added 2025/03/12 7:15 a.m.•37 views

CVE-2024-12589

The Finale Lite – Sales Countdown Timer & Discount for WooCommerce plugin for WordPress is vulnerable to Stored DOM-Based Cross-Site Scripting via the countdown timer in all versions up to, and including, 2.19.0 due to insufficient input sanitization and output escaping. This makes it possible for ...

6.4CVSS5.8AI score0.00049EPSS